Overview
Security update for xen

This update for xen fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the XEN Hypervisor adjustments, that additionaly also use CPU Microcode updates.

The mitigation can be controlled via the "mds" commandline option, see the documentation.

For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736

Other fixes:

- Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime.

The included README has details about the impact of this change (bsc#1120095)

- Fixes in Live migrating PV domUs

An earlier change broke live migration of PV domUs without a device
model. The migration would stall for 10 seconds while the domU was
paused, which caused network connections to drop. Fix this by tracking
the need for a device model within libxl. (bsc#1079730, bsc#1098403, bsc#1111025)

- Libvirt segfault when crash triggered on top of HVM guest (bsc#1120067)

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
bnc#1098403
migration of PV sle12 domU with raw image and without vfb= fails
bnc#1111331
VUL-0: EMBARGOED: CPU issues Q2 2019 aka "Group 4"
bnc#1079730
[migration][xen] xen be: qdisk-51712: error: Failed to get "write" lock
bnc#1120067
Libvirt segfault when crash triggered on top of HVM guest
bnc#1111025
L3: LOST OF PINGS and OUT LOGOUT DURING LIVEMIGRATION
bnc#1027519
Xen: Missing upstream bug fixes
bnc#1120095
L3: SLES 12 SP3 dom0 XEN host Unable to Start SLES11 SP4 VM
CVE-2018-12127
CVE-2018-12126
CVE-2018-12130
CVE-2019-11091
Selected Binaries
openSUSE Build Service is sponsored by
Places