Mailinglist Archive: opensuse-updates (130 mails)

openSUSE-SU-2013:1876-1: moderate: xen: security and bugfix update
openSUSE Security Update: xen: security and bugfix update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:1876-1
Rating: moderate
References: #845520 #848657 #849665 #849667 #849668 #851386
#851749
Cross-References: CVE-2013-4416 CVE-2013-4494 CVE-2013-4551
CVE-2013-4553 CVE-2013-4554
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that solves 5 vulnerabilities and has two fixes
is now available.

Description:


Xen was updated to 4.3.1, and various security issues and
bugs were fixed:

- bnc#851749 - Xen service file does not call xend properly
xend.service

- Add missing requires to pciutils package for xend-tools

- bnc#851386 - xen: XSA-78: Insufficient TLB flushing in
VT-d (iommu) code

- Make -devel package depend on libuuid-devel, since
libxl.h includes uuid.h

- bnc#849667 - CVE-2013-4553: xen: XSA-74: Lock order
reversal between page_alloc_lock and mm_rwlock

- bnc#849665 - CVE-2013-4551: xen: XSA-75: Host crash due
to guest VMX instruction execution

- bnc#849668 - CVE-2013-4554: xen: XSA-76: Hypercalls
exposed to privilege rings 1 and 2 of HVM guests

- bnc#848657 - xen: CVE-2013-4494: XSA-73: Lock order
reversal between page allocation and grant table locks

- Update to Xen 4.3.1

- bnc#845520 - CVE-2013-4416: xen: ocaml xenstored
mishandles oversized message replies


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2013-968

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

xen-debugsource-4.3.1_02-4.4
xen-devel-4.3.1_02-4.4
xen-kmp-default-4.3.1_02_k3.11.6_4-4.4
xen-kmp-default-debuginfo-4.3.1_02_k3.11.6_4-4.4
xen-kmp-desktop-4.3.1_02_k3.11.6_4-4.4
xen-kmp-desktop-debuginfo-4.3.1_02_k3.11.6_4-4.4
xen-libs-4.3.1_02-4.4
xen-libs-debuginfo-4.3.1_02-4.4
xen-tools-domU-4.3.1_02-4.4
xen-tools-domU-debuginfo-4.3.1_02-4.4

- openSUSE 13.1 (x86_64):

xen-4.3.1_02-4.4
xen-doc-html-4.3.1_02-4.4
xen-libs-32bit-4.3.1_02-4.4
xen-libs-debuginfo-32bit-4.3.1_02-4.4
xen-tools-4.3.1_02-4.4
xen-tools-debuginfo-4.3.1_02-4.4
xen-xend-tools-4.3.1_02-4.4
xen-xend-tools-debuginfo-4.3.1_02-4.4

- openSUSE 13.1 (i586):

xen-kmp-pae-4.3.1_02_k3.11.6_4-4.4
xen-kmp-pae-debuginfo-4.3.1_02_k3.11.6_4-4.4


References:

http://support.novell.com/security/cve/CVE-2013-4416.html
http://support.novell.com/security/cve/CVE-2013-4494.html
http://support.novell.com/security/cve/CVE-2013-4551.html
http://support.novell.com/security/cve/CVE-2013-4553.html
http://support.novell.com/security/cve/CVE-2013-4554.html
https://bugzilla.novell.com/845520
https://bugzilla.novell.com/848657
https://bugzilla.novell.com/849665
https://bugzilla.novell.com/849667
https://bugzilla.novell.com/849668
https://bugzilla.novell.com/851386
https://bugzilla.novell.com/851749

