Jump to content


Photo

[security-announce] SUSE-SU-2012:1487-1: important: Security update for Xen


  • Please log in to reply
No replies to this topic

#1 News

News

    stranger

  • Members
  • 63590 posts

Posted 16 November 2012 - 06:14 PM

SUSE Security Update: Security update for Xen
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:1487-1
Rating: important
References: #651093 #713555 #784087 #786516 #786517
Cross-References: CVE-2012-3497 CVE-2012-4411 CVE-2012-4535
CVE-2012-4536 CVE-2012-4537 CVE-2012-4538
CVE-2012-4539 CVE-2012-4544
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:


XEN received various security and bugfixes:

* CVE-2012-4535: xen: Timer overflow DoS vulnerability
(XSA-20)
* CVE-2012-4537: xen: Memory mapping failure DoS
vulnerability (XSA-22)

The following additional bugs have beenfixed:

* bnc#784087 - L3: Xen BUG at io_apic.c:129
26102-x86-IOAPIC-legacy-not-first.patch
* Upstream patches from Jan
25927-x86-domctl-ioport-mapping-range.patch
25931-x86-domctl-iomem-mapping-checks.patch
26061-x86-oprof-counter-range.patch
25431-x86-EDD-MBR-sig-check.patch
25480-x86_64-sysret-canonical.patch
25481-x86_64-AMD-erratum-121.patch
25485-x86_64-canonical-checks.patch
25587-param-parse-limit.patch
25589-pygrub-size-limits.patch
25744-hypercall-return-long.patch
25765-x86_64-allow-unsafe-adjust.patch
25773-x86-honor-no-real-mode.patch
25786-x86-prefer-multiboot-meminfo-over-e801.patch
25808-domain_create-return-value.patch
25814-x86_64-set-debugreg-guest.patch
24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch
25200-x86_64-trap-bounce-flags.patch
25271-x86_64-IST-index.patch
*

bnc#651093 - win2k8 guests are unable to restore
after saving the vms state ept-novell-x64.patch
23800-x86_64-guest-addr-range.patch
24168-x86-vioapic-clear-remote_irr.patch
24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch

*

bnc#713555 - Unable to install RHEL 6.1 x86 as a
paravirtualized guest OS on SLES 10 SP4 x86
vm-install-0.2.19.tar.bz2

Security Issue references:

* CVE-2012-4539

* CVE-2012-3497

* CVE-2012-4411

* CVE-2012-4535

* CVE-2012-4537

* CVE-2012-4536

* CVE-2012-4538

* CVE-2012-4539

* CVE-2012-4544




Package List:

- SUSE Linux Enterprise Server 10 SP4 (x86_64):

xen-3.2.3_17040_42-0.7.2
xen-devel-3.2.3_17040_42-0.7.2
xen-doc-html-3.2.3_17040_42-0.7.2
xen-doc-pdf-3.2.3_17040_42-0.7.2
xen-doc-ps-3.2.3_17040_42-0.7.2
xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-libs-3.2.3_17040_42-0.7.2
xen-libs-32bit-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.2
xen-tools-domU-3.2.3_17040_42-0.7.2
xen-tools-ioemu-3.2.3_17040_42-0.7.2

- SUSE Linux Enterprise Server 10 SP4 (i586):

xen-3.2.3_17040_42-0.7.1
xen-devel-3.2.3_17040_42-0.7.1
xen-doc-html-3.2.3_17040_42-0.7.1
xen-doc-pdf-3.2.3_17040_42-0.7.1
xen-doc-ps-3.2.3_17040_42-0.7.1
xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-kdumppae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-vmi-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-vmipae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-libs-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.1
xen-tools-domU-3.2.3_17040_42-0.7.1
xen-tools-ioemu-3.2.3_17040_42-0.7.1

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

xen-3.2.3_17040_42-0.7.2
xen-devel-3.2.3_17040_42-0.7.2
xen-doc-html-3.2.3_17040_42-0.7.2
xen-doc-pdf-3.2.3_17040_42-0.7.2
xen-doc-ps-3.2.3_17040_42-0.7.2
xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-libs-3.2.3_17040_42-0.7.2
xen-libs-32bit-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.2
xen-tools-domU-3.2.3_17040_42-0.7.2
xen-tools-ioemu-3.2.3_17040_42-0.7.2

- SUSE Linux Enterprise Desktop 10 SP4 (i586):

xen-3.2.3_17040_42-0.7.1
xen-devel-3.2.3_17040_42-0.7.1
xen-doc-html-3.2.3_17040_42-0.7.1
xen-doc-pdf-3.2.3_17040_42-0.7.1
xen-doc-ps-3.2.3_17040_42-0.7.1
xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-libs-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.1
xen-tools-domU-3.2.3_17040_42-0.7.1
xen-tools-ioemu-3.2.3_17040_42-0.7.1

- SLE SDK 10 SP4 (x86_64):

xen-3.2.3_17040_42-0.7.2
xen-devel-3.2.3_17040_42-0.7.2
xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
xen-libs-3.2.3_17040_42-0.7.2
xen-libs-32bit-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.2
xen-tools-ioemu-3.2.3_17040_42-0.7.2

- SLE SDK 10 SP4 (i586):

xen-3.2.3_17040_42-0.7.1
xen-devel-3.2.3_17040_42-0.7.1
xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
xen-libs-3.2.3_17040_42-0.7.1
xen-tools-3.2.3_17040_42-0.7.1
xen-tools-ioemu-3.2.3_17040_42-0.7.1


References:

http://support.novel...-2012-3497.html
http://support.novel...-2012-4411.html
http://support.novel...-2012-4535.html
http://support.novel...-2012-4536.html
http://support.novel...-2012-4537.html
http://support.novel...-2012-4538.html
http://support.novel...-2012-4539.html
http://support.novel...-2012-4544.html
https://bugzilla.novell.com/651093
https://bugzilla.novell.com/713555
https://bugzilla.novell.com/784087
https://bugzilla.novell.com/786516
https://bugzilla.novell.com/786517
http://download.nove...23444a904a4e0c9

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org
For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org







0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

IPB Skin By Virteq