openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

xen: Collective May/2011 update

Collective May/2011 update for Xen

Xen:
- 675363 - Random lockups with kernel-xen. Possibly
graphics related.
- 679344 - Xen: multi-vCPU pv guest may crash host
- 681044 - update xenpaging.autostart.patch
- 681302 - xm create -x returns "ImportError: No
module named ext"
- 688473 - potential buffer overflow in tools
- 691738 - Xen does not find device create with npiv block

vm-install:

- 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -
kernel panic
- 678152 - Xen: virt-manager: harmless block device admin
actions on FV guests mess up network (VIF) device type
==> network lost.
- 631680 - OpenSUSE 11.3 KVM install of windows xp fails on
first reboot during installation.

Submitted by Adrian Schröter (adrianSuSE)
Version 4534

Fixed bugs

bnc#631680

OpenSUSE 11.3 KVM install of windows xp fails on first reboot during installation

bnc#678152

Xen: virt-manager: harmless block device admin actions on FV guests mess up network (VIF) device type ==> network lost.

bnc#688757

SLED10SP4 fully virtualized in SLES10SP4 XEN - kernel panic

bnc#675363

Random lockups with kernel-xen. Possibly graphics related

bnc#679344

VUL-0: Xen: multi-vCPU pv guest may crash host

bnc#681044

xend: new zombie process around

bnc#681302

xm create -x <guest> returns "ImportError: No module named ext"

bnc#688473

VUL-0: xen: potential buffer overflow in xc_try_bzip2_decode() and xc_try_lzma_decode()

bnc#691238

question on behaviour change xm list

bnc#691738

Xen does not find device create with npiv block

CVE#CVE-2011-1146

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2

CVE#CVE-2011-1486

libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.

CVE#CVE-2011-1166

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

CVE#CVE-2011-1583

Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer o

Places

Fixed bugs

Selected Binaries

Places