SuSE: 2012:1487-1: important: Xen
Summary
XEN received various security and bugfixes:
* CVE-2012-4535: xen: Timer overflow DoS vulnerability
(XSA-20)
* CVE-2012-4537: xen: Memory mapping failure DoS
vulnerability (XSA-22)
The following additional bugs have beenfixed:
* bnc#784087 - L3: Xen BUG at io_apic.c:129
26102-x86-IOAPIC-legacy-not-first.patch
* Upstream patches from Jan
25927-x86-domctl-ioport-mapping-range.patch
25931-x86-domctl-iomem-mapping-checks.patch
26061-x86-oprof-counter-range.patch
25431-x86-EDD-MBR-sig-check.patch
25480-x86_64-sysret-canonical.patch
25481-x86_64-AMD-erratum-121.patch
25485-x86_64-canonical-checks.patch
25587-param-parse-limit.patch
25589-pygrub-size-limits.patch
25744-hypercall-return-long.patch
25765-x86_64-allow-unsafe-adjust.patch
25773-x86-honor-no-real-mode.patch
25786-x86-prefer-multiboot-meminfo-over-e801.patch
25808-domain_create-return-value.patch
25814-x86_64-set-debugreg-guest.patch
24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch
25200-x86_64-trap-bounce-flags.patch
25271-x86_64-IST-index.patch
*
bnc#651093 - win2k8 guests are unable to restore
after saving the vms state ept-novell-x64.patch
23800-x86_64-guest-addr-range.patch
24168-x86-vioapic-clear-remote_irr.patch
24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch
*
bnc#713555 - Unable to install RHEL 6.1 x86 as a
paravirtualized guest OS on SLES 10 SP4 x86
vm-install-0.2.19.tar.bz2
Security Issue references:
* CVE-2012-4539
References
#651093 #713555 #784087 #786516 #786517
Cross- CVE-2012-3497 CVE-2012-4411 CVE-2012-4535
CVE-2012-4536 CVE-2012-4537 CVE-2012-4538
CVE-2012-4539 CVE-2012-4544
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
https://www.suse.com/security/cve/CVE-2012-3497.html
https://www.suse.com/security/cve/CVE-2012-4411.html
https://www.suse.com/security/cve/CVE-2012-4535.html
https://www.suse.com/security/cve/CVE-2012-4536.html
https://www.suse.com/security/cve/CVE-2012-4537.html
https://www.suse.com/security/cve/CVE-2012-4538.html
https://www.suse.com/security/cve/CVE-2012-4539.html
https://www.suse.com/security/cve/CVE-2012-4544.html
https://bugzilla.novell.com/651093
https://bugzilla.novell.com/713555
https://bugzilla.novell.com/784087
https://bugzilla.novell.com/786516
https://bugzilla.novell.com/786517
https://login.microfocus.com/nidp/app/login