openSUSE alert openSUSE-SU-2011:0580-1 (xen) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-updates@opensuse.org 
Subject:
    	       openSUSE-SU-2011:0580-1: moderate: xen 
Date:
    	       Wed,  1 Jun 2011 01:08:12 +0200 (CEST)
Message-ID:
    	       <20110531230812.1815D322A1@maintenance.suse.de>
Archive-link:
    	       Article, Thread
              
   openSUSE Security Update: xen
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2011:0580-1
Rating:             moderate
References:         #623680 #665610 #672833 #675363 #675817 #678152 
                    #678229 #678871 #679344 #680824 #687981 #688473 
                    #688757 #691238 
Cross-References:   CVE-2011-1146 CVE-2011-1166 CVE-2011-1486
                    CVE-2011-1583
Affected Products:
                    openSUSE 11.3
______________________________________________________________________________

   An update that solves four vulnerabilities and has 10 fixes
   is now available. It includes one version update.

Description:

   Collective May/2011 update for Xen

   Xen:

   - 691238 - L3: question on behaviour change xm list
   - 623680 - xen kernel freezes during boot when processor
   module is loaded
   - 680824 - dom0 can't recognize boot disk when IOMMU is
   enabled
   - 688473 - VUL-0: potential buffer overflow in tools
   - 679344 - VUL-0: Xen: multi-vCPU pv guest may crash host
   - 687981 - L3: mistyping model type when defining VIF
   crashes
   - 675817 - Kernel panic when creating HVM guests on AMD
   platforms with XSAVE
   - 678871 - dom0 hangs long time when starting hvm guests
   with memory >= 64GB
   - 675363 - Random lockups with kernel-xen. Possibly
   graphics related
   - 678229 - restore of sles HVM fails
   - 672833 - xen-tools bug causing problems with Ubuntu 10.10
   under Xen 4.
   - 665610 - xm console > 1 to same VM messes up both consoles

   vm-install:

   - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -
   kernel panic
   - 678152 - Xen: virt-manager: harmless block device admin
   actions on FV guests mess up network (VIF) device type
   ==> network lost.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch xen-201105-4525

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.3 (i586 x86_64) [New Version: 0.4.30]:

      vm-install-0.4.30-0.4.1
      xen-4.0.1_21326_08-0.7.1
      xen-devel-4.0.1_21326_08-0.7.1
      xen-doc-html-4.0.1_21326_08-0.7.1
      xen-doc-pdf-4.0.1_21326_08-0.7.1
      xen-kmp-default-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
      xen-kmp-desktop-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
      xen-libs-4.0.1_21326_08-0.7.1
      xen-tools-4.0.1_21326_08-0.7.1
      xen-tools-domU-4.0.1_21326_08-0.7.1

   - openSUSE 11.3 (i586):

      xen-kmp-pae-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1


References:

   http://support.novell.com/security/cve/CVE-2011-1146.html
   http://support.novell.com/security/cve/CVE-2011-1166.html
   http://support.novell.com/security/cve/CVE-2011-1486.html
   http://support.novell.com/security/cve/CVE-2011-1583.html
   https://bugzilla.novell.com/623680
   https://bugzilla.novell.com/665610
   https://bugzilla.novell.com/672833
   https://bugzilla.novell.com/675363
   https://bugzilla.novell.com/675817
   https://bugzilla.novell.com/678152
   https://bugzilla.novell.com/678229
   https://bugzilla.novell.com/678871
   https://bugzilla.novell.com/679344
   https://bugzilla.novell.com/680824
   https://bugzilla.novell.com/687981
   https://bugzilla.novell.com/688473
   https://bugzilla.novell.com/688757
   https://bugzilla.novell.com/691238
(Log in to post comments)