Pardon the top-post folks. If you're running KVM, ESPECIALLY if it's in your
global zone, you should update your KVM packages now. As Joshua from Joyent
points out below, there are several CVEs that are addressed with this update.
Thanks to Joshua for putting these to bed quickly.
"pkg update" is your friend for LTS (r151014) and Stable (r151016). My own
r151014 build machine has a KVM-in-a-zone instance (running OpenIndiana), which
seems to work just fine after this update.
If you're not running KVM on OmniOS, don't sweat this. If you're running KVM
on Bloody, expect this as part of a larger update to bloody tonight or tomorrow.
Thanks,
Dan
> Begin forwarded message:
>
> From: "Joshua M. Clulow"
> Subject: [HEADS-UP] QEMU CVE fixes have been put back (was: [USN-2891-1] QEMU
> vulnerabilities)
> Date: February 11, 2016 at 2:50:25 PM EST
> To: Dan McDonald
> Cc: Robert Mustacchi
>
> Hi Dan,
> I have pushed fixes for the five applicable CVEs. The SmartOS tickets are:
>
> https://smartos.org/bugview/HVM-841 (CVE-2015-8504)
> https://smartos.org/bugview/HVM-842 (CVE-2015-8550)
> https://smartos.org/bugview/HVM-843 (CVE-2015-8743)
> https://smartos.org/bugview/HVM-844 (CVE-2016-1714)
> https://smartos.org/bugview/HVM-845 (CVE-2016-1981)
>
> The changes are all in the "master" branch of "kvm-cmd.git". I have
> done a build, and some basic testing of the "e1000" NIC emulation and
> the VNC emulated display driver.
>
>
> Cheers.
>
> --
> Joshua M. Clulow
> Software Engineer @ Joyent
> mail: j...@joyent.com
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss