On Mon, May 28, 2018 at 3:40 PM, Nathanaël Blanchet <[email protected]> wrote:
> XP has reached is end of life in may 14 and Microsoft decided to release > an exceptionnal update because of a critical leak last year... so all is > possible when it is about criticity! > All is indeed possible. We always welcome contribution to the oVirt project, and you can send patches that backport the 4.2 patches to 4.1 and build it. Y. > https://www.microsoft.com/en-us/download/details.aspx?id=18770 > > Le 28/05/2018 à 14:23, Sandro Bonazzola a écrit : > > > > 2018-05-28 14:07 GMT+02:00 Nathanaël Blanchet <[email protected]>: > >> Hello, >> >> Will a 4.1.9.x security update be released for those who can't migrate to >> 4.2.3.7 for any reasons? >> > No. oVirt 4.1 reached end of life with 4.1.9 https://lists.ovirt.org/ > pipermail/announce/2018-January/000383.html > Please consider updating to 4.2 as soon as practical / possible. > > > >> >> Le 23/05/2018 à 16:57, Sandro Bonazzola a écrit : >> >> As you may have already heard, an industry-wide issue was found in the >> way many modern microprocessor designs have implemented speculative >> execution of Load & Store instructions. >> This issue is well described by CVE-2018-3639 announce available at >> https://access.redhat.com/security/cve/cve-2018-3639. >> >> oVirt team has released right now an update of ovirt-engine to version >> 4.2.3.7 which add support for SSBD CPUs in order to mitigate the security >> issue. >> >> If you are running oVirt on Red Hat Enterprise Linux, please apply >> updates described in https://access.redhat.com/security/cve/cve-2018-3639 >> . >> >> If you are running oVirt on CentOS Linux please apply updated described >> by: >> CESA-2018:1629 Important CentOS 7 kernel Security Update >> <https://lists.centos.org/pipermail/centos-announce/2018-May/022843.html> >> >> CESA-2018:1632 Important CentOS 7 libvirt Security Update >> <https://lists.centos.org/pipermail/centos-announce/2018-May/022840.html> >> CESA-2018:1649 Important CentOS 7 java-1.8.0-openjdk Security Update >> <https://lists.centos.org/pipermail/centos-announce/2018-May/022839.html> >> >> CESA-2018:1648 Important CentOS 7 java-1.7.0-openjdk Security Update >> <https://lists.centos.org/pipermail/centos-announce/2018-May/022838.html> >> >> >> An update for qemu-kvm-ev has been also tagged for release and announced >> with >> CESA-2018:1655 Important: qemu-kvm-ev security update >> <https://lists.centos.org/pipermail/centos-virt/2018-May/005804.html> >> but due to some issues in CentOS release process for Virt SIG content, it >> is not yet available on mirrors. >> We are working with CentOS community to get the packages signed and >> published as soon as possible. >> In the meanwhile you can still get the update package by enabling the >> test repository https://buildlogs.centos.org/centos/7/virt/x86_64 >> /kvm-common/ on your systems or manually installing the package from the >> repository. >> >> If you're running oVirt on a different Linux distribution, please check >> with your vendor for available updates. >> >> Please note that to fully mitigate this vulnerability, system >> administrators must apply both hardware “microcode” updates and software >> patches that enable new functionality. >> At this time, microprocessor microcode will be delivered by the >> individual manufacturers. >> >> The oVirt team recommends end users and systems administrator to apply >> any available updates as soon as practical. >> >> Thanks, >> -- >> >> SANDRO BONAZZOLA >> >> ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D >> >> Red Hat EMEA <https://www.redhat.com/> >> >> [email protected] >> <https://red.ht/sig> >> <https://redhat.com/summit> >> >> >> _______________________________________________ >> Announce mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> >> >> -- >> Nathanaël Blanchet >> >> Supervision réseau >> Pôle Infrastrutures Informatiques227 avenue Professeur-Jean-Louis-Viala >> <https://maps.google.com/?q=227+avenue+Professeur-Jean-Louis-Viala&entry=gmail&source=g> >> 34193 MONTPELLIER CEDEX 5 >> Tél. 33 (0)4 67 54 84 55 >> Fax 33 (0)4 67 54 84 [email protected] >> >> > > > -- > > SANDRO BONAZZOLA > > ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D > > Red Hat EMEA <https://www.redhat.com/> > > [email protected] > <https://red.ht/sig> > <https://redhat.com/summit> > > > -- > Nathanaël Blanchet > > Supervision réseau > Pôle Infrastrutures Informatiques > 227 avenue Professeur-Jean-Louis-Viala > 34193 MONTPELLIER CEDEX 5 > Tél. 33 (0)4 67 54 84 55 > Fax 33 (0)4 67 54 84 [email protected] > > > _______________________________________________ > Users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > oVirt Code of Conduct: https://www.ovirt.org/community/about/community- > guidelines/ > List Archives: https://lists.ovirt.org/archives/list/[email protected]/ > message/JU2IA6ZZAVZVVWSYCF3RL62S2KMQVEXJ/ > >
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/IT3D6JI5BUMBT2PSNFLPUFDT3NEJBWXU/
