Jump to content
Compatible Support Forums
Sign in to follow this  
news

[security-announce] SUSE-SU-2012:1487-1: important: Security update for Xen

Recommended Posts

SUSE Security Update: Security update for Xen

______________________________________________________________________________

 

Announcement ID: SUSE-SU-2012:1487-1

Rating: important

References: #651093 #713555 #784087 #786516 #786517

Cross-References: CVE-2012-3497 CVE-2012-4411 CVE-2012-4535

CVE-2012-4536 CVE-2012-4537 CVE-2012-4538

CVE-2012-4539 CVE-2012-4544

Affected Products:

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

______________________________________________________________________________

 

An update that fixes 8 vulnerabilities is now available.

 

Description:

 

 

XEN received various security and bugfixes:

 

* CVE-2012-4535: xen: Timer overflow DoS vulnerability

(XSA-20)

* CVE-2012-4537: xen: Memory mapping failure DoS

vulnerability (XSA-22)

 

The following additional bugs have beenfixed:

 

* bnc#784087 - L3: Xen BUG at io_apic.c:129

26102-x86-IOAPIC-legacy-not-first.patch

* Upstream patches from Jan

25927-x86-domctl-ioport-mapping-range.patch

25931-x86-domctl-iomem-mapping-checks.patch

26061-x86-oprof-counter-range.patch

25431-x86-EDD-MBR-sig-check.patch

25480-x86_64-sysret-canonical.patch

25481-x86_64-AMD-erratum-121.patch

25485-x86_64-canonical-checks.patch

25587-param-parse-limit.patch

25589-pygrub-size-limits.patch

25744-hypercall-return-long.patch

25765-x86_64-allow-unsafe-adjust.patch

25773-x86-honor-no-real-mode.patch

25786-x86-prefer-multiboot-meminfo-over-e801.patch

25808-domain_create-return-value.patch

25814-x86_64-set-debugreg-guest.patch

24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch

25200-x86_64-trap-bounce-flags.patch

25271-x86_64-IST-index.patch

*

 

bnc#651093 - win2k8 guests are unable to restore

after saving the vms state ept-novell-x64.patch

23800-x86_64-guest-addr-range.patch

24168-x86-vioapic-clear-remote_irr.patch

24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch

 

*

 

bnc#713555 - Unable to install RHEL 6.1 x86 as a

paravirtualized guest OS on SLES 10 SP4 x86

vm-install-0.2.19.tar.bz2

 

Security Issue references:

 

* CVE-2012-4539

 

* CVE-2012-3497

 

* CVE-2012-4411

 

* CVE-2012-4535

 

* CVE-2012-4537

 

* CVE-2012-4536

 

* CVE-2012-4538

 

* CVE-2012-4539

 

* CVE-2012-4544

 

 

 

 

Package List:

 

- SUSE Linux Enterprise Server 10 SP4 (x86_64):

 

xen-3.2.3_17040_42-0.7.2

xen-devel-3.2.3_17040_42-0.7.2

xen-doc-html-3.2.3_17040_42-0.7.2

xen-doc-pdf-3.2.3_17040_42-0.7.2

xen-doc-ps-3.2.3_17040_42-0.7.2

xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-libs-3.2.3_17040_42-0.7.2

xen-libs-32bit-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.2

xen-tools-domU-3.2.3_17040_42-0.7.2

xen-tools-ioemu-3.2.3_17040_42-0.7.2

 

- SUSE Linux Enterprise Server 10 SP4 (i586):

 

xen-3.2.3_17040_42-0.7.1

xen-devel-3.2.3_17040_42-0.7.1

xen-doc-html-3.2.3_17040_42-0.7.1

xen-doc-pdf-3.2.3_17040_42-0.7.1

xen-doc-ps-3.2.3_17040_42-0.7.1

xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-kdumppae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-vmi-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-vmipae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-libs-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.1

xen-tools-domU-3.2.3_17040_42-0.7.1

xen-tools-ioemu-3.2.3_17040_42-0.7.1

 

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

 

xen-3.2.3_17040_42-0.7.2

xen-devel-3.2.3_17040_42-0.7.2

xen-doc-html-3.2.3_17040_42-0.7.2

xen-doc-pdf-3.2.3_17040_42-0.7.2

xen-doc-ps-3.2.3_17040_42-0.7.2

xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-libs-3.2.3_17040_42-0.7.2

xen-libs-32bit-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.2

xen-tools-domU-3.2.3_17040_42-0.7.2

xen-tools-ioemu-3.2.3_17040_42-0.7.2

 

- SUSE Linux Enterprise Desktop 10 SP4 (i586):

 

xen-3.2.3_17040_42-0.7.1

xen-devel-3.2.3_17040_42-0.7.1

xen-doc-html-3.2.3_17040_42-0.7.1

xen-doc-pdf-3.2.3_17040_42-0.7.1

xen-doc-ps-3.2.3_17040_42-0.7.1

xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-libs-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.1

xen-tools-domU-3.2.3_17040_42-0.7.1

xen-tools-ioemu-3.2.3_17040_42-0.7.1

 

- SLE SDK 10 SP4 (x86_64):

 

xen-3.2.3_17040_42-0.7.2

xen-devel-3.2.3_17040_42-0.7.2

xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2

xen-libs-3.2.3_17040_42-0.7.2

xen-libs-32bit-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.2

xen-tools-ioemu-3.2.3_17040_42-0.7.2

 

- SLE SDK 10 SP4 (i586):

 

xen-3.2.3_17040_42-0.7.1

xen-devel-3.2.3_17040_42-0.7.1

xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1

xen-libs-3.2.3_17040_42-0.7.1

xen-tools-3.2.3_17040_42-0.7.1

xen-tools-ioemu-3.2.3_17040_42-0.7.1

 

 

References:

 

http://support.novell.com/security/cve/CVE-2012-3497.html

http://support.novell.com/security/cve/CVE-2012-4411.html

http://support.novell.com/security/cve/CVE-2012-4535.html

http://support.novell.com/security/cve/CVE-2012-4536.html

http://support.novell.com/security/cve/CVE-2012-4537.html

http://support.novell.com/security/cve/CVE-2012-4538.html

http://support.novell.com/security/cve/CVE-2012-4539.html

http://support.novell.com/security/cve/CVE-2012-4544.html

https://bugzilla.novell.com/651093

https://bugzilla.novell.com/713555

https://bugzilla.novell.com/784087

https://bugzilla.novell.com/786516

https://bugzilla.novell.com/786517

http://download.novell.com/patch/finder/?keywords=1e9042debead5d88c23444a904a4e0c9

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×