openSUSE-SU-2013:1953-1: moderate: xen: security and bugfix update to 4.2.3
openSUSE Security Update: xen: security and bugfix update to 4.2.3
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:1953-1
Rating: moderate
References: #828623 #833251 #833483 #833796 #834751 #835896
#836239 #839596 #839600 #840196 #840592 #841766
#842511 #842512 #842513 #842514 #842515 #845520

Cross-References: CVE-2013-1442 CVE-2013-4355 CVE-2013-4361
CVE-2013-4368 CVE-2013-4369 CVE-2013-4370
CVE-2013-4371 CVE-2013-4375 CVE-2013-4416

Affected Products:
openSUSE 12.3
______________________________________________________________________________

An update that solves 9 vulnerabilities and has 9 fixes is
now available.

Description:


Xen was updated to 4.2.3 c/s 26170 to fix various bugs and
security issues.


The following issues were fixed:
- bnc#845520 - CVE-2013-4416: xen: ocaml xenstored
mishandles oversized message replies
- bnc#833483 - Boot Failure with xen kernel in UEFI mode
with error "No memory for trampoline"

- Improvements to block-dmmd script bnc#828623

- bnc#840196 - MTU size on Dom0 gets reset when booting
DomU with e1000 device

- bnc#840592 - CVE-2013-4355: XSA-63: xen: Information
leaks through I/O instruction emulation
- bnc#841766 - CVE-2013-4361: XSA-66: xen: Information leak
through fbld instruction emulation
- bnc#842511 - CVE-2013-4368: XSA-67: xen: Information leak
through outs instruction emulation
- bnc#842512 - CVE-2013-4369: XSA-68: xen: possible null
dereference when parsing vif ratelimiting info
- bnc#842513 - CVE-2013-4370: XSA-69: xen: misplaced free
in ocaml xc_vcpu_getaffinity stub
- bnc#842514 - CVE-2013-4371: XSA-70: xen: use-after-free
in libxl_list_cpupool under memory pressure
- bnc#842515 - CVE-2013-4375: XSA-71: xen: qemu disk
backend (qdisk) resource leak

- bnc#839596 - CVE-2013-1442: XSA-62: xen: Information leak
on AVX and/or LWP capable CPUs
- bnc#833251 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64
platform and with xen environment, in booting stage, xen
hypervisor will panic.
- bnc#833796 - Xen: migration broken from xsave-capable to
xsave-incapable host
- bnc#834751 - [HP BCS SLES11 Bug]: In xen, “shutdown -y 0
-h” cannot power off system
- bnc#839600 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64
platform and sles11sp3 with xen environment, xen
hypervisor will panic on multiple blades nPar.

- bnc#835896 - vcpus not started after upgrading Dom0 from
11SP2 to SP3
- bnc#836239 - SLES 11 SP3 Xen security patch does not
automatically update UEFI boot binary


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.3:

zypper in -t patch openSUSE-2013-1021

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.3 (i586 x86_64):

xen-debugsource-4.2.3_01-1.22.4
xen-devel-4.2.3_01-1.22.4
xen-kmp-default-4.2.3_01_k3.7.10_1.16-1.22.4
xen-kmp-default-debuginfo-4.2.3_01_k3.7.10_1.16-1.22.4
xen-kmp-desktop-4.2.3_01_k3.7.10_1.16-1.22.4
xen-kmp-desktop-debuginfo-4.2.3_01_k3.7.10_1.16-1.22.4
xen-libs-4.2.3_01-1.22.4
xen-libs-debuginfo-4.2.3_01-1.22.4
xen-tools-domU-4.2.3_01-1.22.4
xen-tools-domU-debuginfo-4.2.3_01-1.22.4

- openSUSE 12.3 (x86_64):

xen-4.2.3_01-1.22.4
xen-doc-html-4.2.3_01-1.22.4
xen-doc-pdf-4.2.3_01-1.22.4
xen-libs-32bit-4.2.3_01-1.22.4
xen-libs-debuginfo-32bit-4.2.3_01-1.22.4
xen-tools-4.2.3_01-1.22.4
xen-tools-debuginfo-4.2.3_01-1.22.4

- openSUSE 12.3 (i586):

xen-kmp-pae-4.2.3_01_k3.7.10_1.16-1.22.4
xen-kmp-pae-debuginfo-4.2.3_01_k3.7.10_1.16-1.22.4
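
A way to confirm the update landed, as an added example that is not part of the original announcement: the script compares installed xen package versions against the fixed versions in the package list above, using a simplified rpm version comparison (no epoch, tilde or caret handling). The function names and the sample rpm output are constructed for illustration.

```python
import re

# Fixed version-release per package, copied from the advisory's package list
# (debuginfo, debugsource, devel, doc and 32bit subpackages omitted).
_BASE = "4.2.3_01-1.22.4"
_KMP = "4.2.3_01_k3.7.10_1.16-1.22.4"
FIXED = {
    "xen": _BASE, "xen-libs": _BASE, "xen-tools": _BASE,
    "xen-tools-domU": _BASE,
    "xen-kmp-default": _KMP, "xen-kmp-desktop": _KMP, "xen-kmp-pae": _KMP,
}

def vercmp(a, b):
    """Simplified rpmvercmp: returns -1, 0 or 1 (assumes no '~' or '^')."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)   # split on separators and
    sb = re.findall(r"\d+|[A-Za-z]+", b)   # digit/letter boundaries
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():      # numeric segment beats alphabetic
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def vr_cmp(a, b):
    """Compare 'version-release' strings (assumes no epoch)."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return vercmp(va, vb) or vercmp(ra, rb)

def outdated(rpm_output):
    """Return (name, installed, fixed) for packages older than the fix."""
    hits = []
    for line in rpm_output.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] in FIXED:
            name, installed = parts
            if vr_cmp(installed, FIXED[name]) < 0:
                hits.append((name, installed, FIXED[name]))
    return hits

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'`
SAMPLE = """\
xen 4.2.2_06-1.16.1
xen-libs 4.2.3_01-1.22.4
xen-kmp-default 4.2.2_06_k3.7.10_1.16-1.16.1
kernel-default 3.7.10-1.16.1
"""

if __name__ == "__main__":
    for name, have, need in outdated(SAMPLE):
        print(f"{name}: installed {have}, fixed in {need}")
```

On a real host, pass the output of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'xen*'` to `outdated()` in place of the sample; an empty result means every listed package is at or above the fixed version.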


References:

http://support.novell.com/security/cve/CVE-2013-1442.html
http://support.novell.com/security/cve/CVE-2013-4355.html
http://support.novell.com/security/cve/CVE-2013-4361.html
http://support.novell.com/security/cve/CVE-2013-4368.html
http://support.novell.com/security/cve/CVE-2013-4369.html
http://support.novell.com/security/cve/CVE-2013-4370.html
http://support.novell.com/security/cve/CVE-2013-4371.html
http://support.novell.com/security/cve/CVE-2013-4375.html
http://support.novell.com/security/cve/CVE-2013-4416.html
https://bugzilla.novell.com/828623
https://bugzilla.novell.com/833251
https://bugzilla.novell.com/833483
https://bugzilla.novell.com/833796
https://bugzilla.novell.com/834751
https://bugzilla.novell.com/835896
https://bugzilla.novell.com/836239
https://bugzilla.novell.com/839596
https://bugzilla.novell.com/839600
https://bugzilla.novell.com/840196
https://bugzilla.novell.com/840592
https://bugzilla.novell.com/841766
https://bugzilla.novell.com/842511
https://bugzilla.novell.com/842512
https://bugzilla.novell.com/842513
https://bugzilla.novell.com/842514
https://bugzilla.novell.com/842515
https://bugzilla.novell.com/845520

