SUSE-SU-2012:0386-1: Security update for Xen and libvirt
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Mar 19 16:08:13 MDT 2012
SUSE Security Update: Security update for Xen and libvirt
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0386-1
Rating: low
References: #649209 #694863 #725169 #726332 #727515 #732782
#734826 #735403 #736824 #739585 #740165
Cross-References: CVE-2012-0029
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has 10 fixes is
now available. It includes one version update.
Description:
This collective update 2012/02 for Xen provides fixes for
the following reports:
Xen:
* 740165: Fix heap overflow in e1000 device emulation
(applicable to Xen qemu - CVE-2012-0029)
* 739585: Xen block-attach fails after repeated
attach/detach
* 727515: Fragmented packets hang network boot of HVM
guest
* 736824: Microcode patches for AMD's 15h processors
panic the system
* 732782: xm create hangs when maxmen value is enclosed
in "quotes"
* 734826: xm rename doesn't work anymore
* 694863: kexec fails in xen
* 726332: Fix considerable performance hit by previous
changeset
* 649209: Fix slow Xen live migrations
libvirt
* 735403: Fix connection with virt-manager as normal
user
virt-utils
* Add Support for creating images that can be run on
Microsoft Hyper-V host (Fix vpc file format. Add support
for fixed disks)
Security Issue references:
* CVE-2012-0029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
>
Indications:
Every Xen user should update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-xen-201202-5796
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-xen-201202-5796
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-xen-201202-5796
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-xen-201202-5796
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
libvirt-devel-0.7.6-1.29.2
xen-devel-4.0.3_21548_02-0.5.2
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
xen-kmp-trace-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
- SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 1.1.3]:
libvirt-0.7.6-1.29.2
libvirt-doc-0.7.6-1.29.2
libvirt-python-0.7.6-1.29.2
virt-utils-1.1.3-1.5.1
xen-4.0.3_21548_02-0.5.2
xen-doc-html-4.0.3_21548_02-0.5.2
xen-doc-pdf-4.0.3_21548_02-0.5.2
xen-kmp-default-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
xen-kmp-trace-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
xen-libs-4.0.3_21548_02-0.5.2
xen-tools-4.0.3_21548_02-0.5.2
xen-tools-domU-4.0.3_21548_02-0.5.2
- SUSE Linux Enterprise Server 11 SP1 (i586):
xen-kmp-pae-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.1.3]:
libvirt-0.7.6-1.29.2
libvirt-doc-0.7.6-1.29.2
libvirt-python-0.7.6-1.29.2
virt-utils-1.1.3-1.5.1
xen-4.0.3_21548_02-0.5.2
xen-kmp-default-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
xen-libs-4.0.3_21548_02-0.5.2
xen-tools-4.0.3_21548_02-0.5.2
xen-tools-domU-4.0.3_21548_02-0.5.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586):
xen-kmp-pae-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
References:
http://support.novell.com/security/cve/CVE-2012-0029.html
https://bugzilla.novell.com/649209
https://bugzilla.novell.com/694863
https://bugzilla.novell.com/725169
https://bugzilla.novell.com/726332
https://bugzilla.novell.com/727515
https://bugzilla.novell.com/732782
https://bugzilla.novell.com/734826
https://bugzilla.novell.com/735403
https://bugzilla.novell.com/736824
https://bugzilla.novell.com/739585
https://bugzilla.novell.com/740165
http://download.novell.com/patch/finder/?keywords=cc26db394df4e1893e567ae94e3d664f
More information about the sle-security-updates
mailing list