Security Update for Xen
Following fixes were done:
- bnc#776995 - attaching scsi control luns with pvscsi
- xend/pvscsi: fix passing of SCSI control LUNs
xen-bug776995-pvscsi-no-devname.patch
- xend/pvscsi: fix usage of persistant device names for SCSI devices
xen-bug776995-pvscsi-persistent-names.patch
- xend/pvscsi: update sysfs parser for Linux 3.0
xen-bug776995-pvscsi-sysfs-parser.patch
- bnc#777090 - VUL-0: CVE-2012-3494: xen: hypercall set_debugreg
vulnerability (XSA-12)
CVE-2012-3494-xsa12.patch
- bnc#777091 - VUL-0: CVE-2012-3496: xen: XENMEM_populate_physmap
DoS vulnerability (XSA-14)
CVE-2012-3496-xsa14.patch
- bnc#777084 - VUL-0: CVE-2012-3515: xen: Qemu VT100 emulation
vulnerability (XSA-17)
CVE-2012-3515-xsa17.patch
- bnc#744771 - VM with passed through PCI card fails to reboot
under dom0 load
24888-pci-release-devices.patch
- Upstream patches from Jan
25431-x86-EDD-MBR-sig-check.patch
25459-page-list-splice.patch
25478-x86-unknown-NMI-deadlock.patch
25480-x86_64-sysret-canonical.patch
25481-x86_64-AMD-erratum-121.patch
25485-x86_64-canonical-checks.patch
25587-param-parse-limit.patch
25617-vtd-qinval-addr.patch
25688-x86-nr_irqs_gsi.patch
- bnc#773393 - VUL-0: CVE-2012-3433: xen: HVM guest destroy p2m
teardown host DoS vulnerability
CVE-2012-3433-xsa11.patch
- bnc#773401 - VUL-1: CVE-2012-3432: xen: HVM guest user mode MMIO
emulation DoS
25682-x86-inconsistent-io-state.patch
- bnc#762484 - VUL-1: CVE-2012-2625: xen: pv bootloader doesn't
check the size of the bzip2 or lzma compressed kernel, leading to
denial of service
25589-pygrub-size-limits.patch
-
Submitted by
Charles Arnold (charlesa)
- Reboot is suggested
