openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:2249-1 Rating: moderate References: #947165 #950704 #954018 #954405 Cross-References: CVE-2015-3259 CVE-2015-4106 CVE-2015-5154 CVE-2015-5239 CVE-2015-5307 CVE-2015-6815 CVE-2015-7311 CVE-2015-7835 CVE-2015-7970 CVE-2015-8104 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update fixes the following security issues: - bsc#947165 - CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) - bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) - bsc#950704 - CVE-2015-7970 xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2015-892=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): xen-debugsource-4.5.2_01-6.1 xen-devel-4.5.2_01-6.1 xen-libs-4.5.2_01-6.1 xen-libs-debuginfo-4.5.2_01-6.1 xen-tools-domU-4.5.2_01-6.1 xen-tools-domU-debuginfo-4.5.2_01-6.1 - openSUSE Leap 42.1 (x86_64): xen-4.5.2_01-6.1 xen-doc-html-4.5.2_01-6.1 xen-kmp-default-4.5.2_01_k4.1.12_1-6.1 xen-kmp-default-debuginfo-4.5.2_01_k4.1.12_1-6.1 xen-libs-32bit-4.5.2_01-6.1 xen-libs-debuginfo-32bit-4.5.2_01-6.1 xen-tools-4.5.2_01-6.1 xen-tools-debuginfo-4.5.2_01-6.1 References: https://www.suse.com/security/cve/CVE-2015-3259.html https://www.suse.com/security/cve/CVE-2015-4106.html https://www.suse.com/security/cve/CVE-2015-5154.html https://www.suse.com/security/cve/CVE-2015-5239.html https://www.suse.com/security/cve/CVE-2015-5307.html https://www.suse.com/security/cve/CVE-2015-6815.html https://www.suse.com/security/cve/CVE-2015-7311.html https://www.suse.com/security/cve/CVE-2015-7835.html https://www.suse.com/security/cve/CVE-2015-7970.html https://www.suse.com/security/cve/CVE-2015-8104.html https://bugzilla.suse.com/947165 https://bugzilla.suse.com/950704 https://bugzilla.suse.com/954018 https://bugzilla.suse.com/954405