Mailinglist Archive: opensuse-updates (144 mails)

< Previous Next >
openSUSE-SU-2015:2250-1: moderate: Security update for xen
openSUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:2250-1
Rating: moderate
References: #947165 #950704 #954018 #954405
Cross-References: CVE-2015-5307 CVE-2015-7311 CVE-2015-7835
CVE-2015-7970 CVE-2015-8104
Affected Products:
openSUSE 13.2
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:



This update fixes the following security issues:

- bsc#947165 - CVE-2015-7311: xen: libxl fails to honour readonly flag on
disks with qemu-xen (xsa-142)

- bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by triggering an
infinite loop in microcode via #DB exception

- bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during fault delivery
(XSA-156)

- bsc#950704 - CVE-2015-7970: xen: x86: Long latency populate-on-demand
operation is not preemptible (XSA-150)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-893=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (i586 x86_64):

xen-debugsource-4.4.3_04-33.1
xen-devel-4.4.3_04-33.1
xen-libs-4.4.3_04-33.1
xen-libs-debuginfo-4.4.3_04-33.1
xen-tools-domU-4.4.3_04-33.1
xen-tools-domU-debuginfo-4.4.3_04-33.1

- openSUSE 13.2 (x86_64):

xen-4.4.3_04-33.1
xen-doc-html-4.4.3_04-33.1
xen-kmp-default-4.4.3_04_k3.16.7_29-33.1
xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1
xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1
xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1
xen-libs-32bit-4.4.3_04-33.1
xen-libs-debuginfo-32bit-4.4.3_04-33.1
xen-tools-4.4.3_04-33.1
xen-tools-debuginfo-4.4.3_04-33.1


References:

https://www.suse.com/security/cve/CVE-2015-5307.html
https://www.suse.com/security/cve/CVE-2015-7311.html
https://www.suse.com/security/cve/CVE-2015-7835.html
https://www.suse.com/security/cve/CVE-2015-7970.html
https://www.suse.com/security/cve/CVE-2015-8104.html
https://bugzilla.suse.com/947165
https://bugzilla.suse.com/950704
https://bugzilla.suse.com/954018
https://bugzilla.suse.com/954405


< Previous Next >
This Thread
  • No further messages