Fedora 7 : xen-3.1.2-2.fc7 (2008-2083)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Sat Feb 23 2008 Daniel P. Berrange <berrange at
redhat.com> - 3.1.2-2.fc7

- Fix block device extents check (rhbz #433560)

- Sat Dec 1 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.2-1.fc7

- Upgrade to 3.1.2 bugfix release

- Fri Oct 26 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-8.fc7

- Fixed xenbaked tmpfile flaw (CVE-2007-3919)

- Wed Sep 26 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-7.fc7

- Fixed rtl8139 checksum calculation for Vista (rhbz
#308201)

- Wed Sep 26 2007 Chris Lalancette <clalance at
redhat.com> - 3.1.0-6.fc7

- QEmu NE2000 overflow check - CVE-2007-1321

- Pygrub guest escape - CVE-2007-4993

- Mon Sep 24 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-5.fc7

- Fix generation of manual pages (rhbz #250791)

- Fix 32-on-64 PVFB for FC6 legacy guests

- Mon Sep 24 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-4.fc7

- Fix VMX assist IRQ handling (rhbz #279581)

- Sun Sep 23 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-3.fc7

- Don't clobber the VIF type attribute in FV guests
(rhbz #247122)

- Wed Aug 1 2007 Markus Armbruster <armbru at
redhat.com>

- Put guest's native protocol ABI into xenstore, to
provide for older kernels running 32-on-64.

- VNC keymap fixes

- Fix race conditions in LibVNCServer on client
disconnect

- Mon Jun 11 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-2.fc7

- Remove patch which kills VNC monitor

- Fix HVM save/restore file path to be /var/lib/xen
instead of /tmp

- Don't spawn a bogus xen-vncfb daemon for HVM guests

- Fri May 25 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-1.fc7

- Updated to official 3.1.0 tar.gz

- Fixed data corruption from VNC client disconnect (bz
241303)

- Thu May 17 2007 Daniel P. Berrange <berrange at
redhat.com> - 3.1.0-0.rc7.2.fc7

- Ensure xen-vncfb processes are cleanedup if guest
quits (bz 240406)

- Tear down guest if device hotplug fails

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=433560
http://www.nessus.org/u?863e6f6b

Solution :

Update the affected xen package.

Risk factor :

Medium / CVSS Base Score : 4.7
(CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 31316 (fedora_2008-2083.nasl)

Bugtraq ID: 23731

CVE ID: CVE-2008-0928

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now