2018-05-28 14:07 GMT+02:00 Nathanaël Blanchet <[email protected]>: > Hello, > > Will a 4.1.9.x security update be released for those who can't migrate to > 4.2.3.7 for any reasons? > No. oVirt 4.1 reached end of life with 4.1.9 https://lists.ovirt.org/pipermail/announce/2018-January/000383.html Please consider updating to 4.2 as soon as practical / possible.
> > Le 23/05/2018 à 16:57, Sandro Bonazzola a écrit : > > As you may have already heard, an industry-wide issue was found in the way > many modern microprocessor designs have implemented speculative execution > of Load & Store instructions. > This issue is well described by CVE-2018-3639 announce available at > https://access.redhat.com/security/cve/cve-2018-3639. > > oVirt team has released right now an update of ovirt-engine to version > 4.2.3.7 which add support for SSBD CPUs in order to mitigate the security > issue. > > If you are running oVirt on Red Hat Enterprise Linux, please apply updates > described in https://access.redhat.com/security/cve/cve-2018-3639. > > If you are running oVirt on CentOS Linux please apply updated described by: > CESA-2018:1629 Important CentOS 7 kernel Security Update > <https://lists.centos.org/pipermail/centos-announce/2018-May/022843.html> > CESA-2018:1632 Important CentOS 7 libvirt Security Update > <https://lists.centos.org/pipermail/centos-announce/2018-May/022840.html> > CESA-2018:1649 Important CentOS 7 java-1.8.0-openjdk Security Update > <https://lists.centos.org/pipermail/centos-announce/2018-May/022839.html> > CESA-2018:1648 Important CentOS 7 java-1.7.0-openjdk Security Update > <https://lists.centos.org/pipermail/centos-announce/2018-May/022838.html> > > An update for qemu-kvm-ev has been also tagged for release and announced > with > CESA-2018:1655 Important: qemu-kvm-ev security update > <https://lists.centos.org/pipermail/centos-virt/2018-May/005804.html> > but due to some issues in CentOS release process for Virt SIG content, it > is not yet available on mirrors. > We are working with CentOS community to get the packages signed and > published as soon as possible. > In the meanwhile you can still get the update package by enabling the test > repository https://buildlogs.centos.org/centos/7/virt/x86_64/kvm-common/ > on your systems or manually installing the package from the repository. > > If you're running oVirt on a different Linux distribution, please check > with your vendor for available updates. > > Please note that to fully mitigate this vulnerability, system > administrators must apply both hardware “microcode” updates and software > patches that enable new functionality. > At this time, microprocessor microcode will be delivered by the individual > manufacturers. > > The oVirt team recommends end users and systems administrator to apply any > available updates as soon as practical. > > Thanks, > -- > > SANDRO BONAZZOLA > > ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D > > Red Hat EMEA <https://www.redhat.com/> > > [email protected] > <https://red.ht/sig> > <https://redhat.com/summit> > > > _______________________________________________ > Announce mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > -- > Nathanaël Blanchet > > Supervision réseau > Pôle Infrastrutures Informatiques227 avenue Professeur-Jean-Louis-Viala > <https://maps.google.com/?q=227+avenue+Professeur-Jean-Louis-Viala&entry=gmail&source=g> > 34193 MONTPELLIER CEDEX 5 > Tél. 33 (0)4 67 54 84 55 > Fax 33 (0)4 67 54 84 [email protected] > > -- SANDRO BONAZZOLA ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D Red Hat EMEA <https://www.redhat.com/> [email protected] <https://red.ht/sig> <https://redhat.com/summit>
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/KUDMMZG2R2BVL75XXKDLWIIHU53PNFW3/
