Mailinglist Archive: opensuse-updates (200 mails)

< Previous Next >
openSUSE-SU-2013:0912-1: moderate: xen up to xsa-47
openSUSE Security Update: xen up to xsa-47
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:0912-1
Rating: moderate
References: #794316
Cross-References: CVE-2012-5634 CVE-2013-0153 CVE-2013-1917
CVE-2013-1919 CVE-2013-1920
Affected Products:
openSUSE 11.4
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

XEN was updated to fix security issues:

- CVE-2012-5634: xen: VT-d interrupt remapping source
validation flaw (XSA-33) [bnc#794316]
- CVE-2013-0153: interrupt remap entries shared and old
ones not cleared on AMD IOMMUs (XSA-36)
- CVE-2013-1917: PV DoS vulnerability with SYSENTER (XSA-44)
- CVE-2013-1919: several access permission issues with IRQs
for unprivileged guests (XSA-46)
- CVE-2013-1920: Potential use of freed memory in event
channel operations (XSA-47)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch 2013-70

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

xen-4.0.3_05-53.1
xen-debugsource-4.0.3_05-53.1
xen-devel-4.0.3_05-53.1
xen-doc-html-4.0.3_05-53.1
xen-doc-pdf-4.0.3_05-53.1
xen-kmp-default-4.0.3_05_k2.6.37.6_24-53.1
xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-53.1
xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-53.1
xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-53.1
xen-libs-4.0.3_05-53.1
xen-libs-debuginfo-4.0.3_05-53.1
xen-tools-4.0.3_05-53.1
xen-tools-debuginfo-4.0.3_05-53.1
xen-tools-domU-4.0.3_05-53.1
xen-tools-domU-debuginfo-4.0.3_05-53.1

- openSUSE 11.4 (i586):

xen-kmp-pae-4.0.3_05_k2.6.37.6_24-53.1
xen-kmp-pae-debuginfo-4.0.3_05_k2.6.37.6_24-53.1


References:

http://support.novell.com/security/cve/CVE-2012-5634.html
http://support.novell.com/security/cve/CVE-2013-0153.html
http://support.novell.com/security/cve/CVE-2013-1917.html
http://support.novell.com/security/cve/CVE-2013-1919.html
http://support.novell.com/security/cve/CVE-2013-1920.html
https://bugzilla.novell.com/794316


< Previous Next >
This Thread
  • No further messages