File _patchinfo of Package patchinfo.1589
<patchinfo incident="1589"> <issue id="956832" tracker="bnc"> CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list</issue> <issue id="947165" tracker="bnc"> CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142)</issue> <issue id="954018" tracker="bnc"> CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156)</issue> <issue id="956592" tracker="bnc"> xen: virtual PMU is unsupported (XSA-163)</issue> <issue id="954405" tracker="bnc"> CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception (XSA-156)</issue> <issue id="951845" tracker="bnc"> CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153)</issue> <issue id="950706" tracker="bnc"> CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152)</issue> <issue id="950705" tracker="bnc"> CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151)</issue> <issue id="950704" tracker="bnc"> CVE-2015-7970: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150)</issue> <issue id="956411" tracker="bnc"> CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162)</issue> <issue id="950703" tracker="bnc"> CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149)</issue> <issue id="956408" tracker="bnc"> CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159)</issue> <issue id="956409" tracker="bnc"> CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160)</issue> <issue id="CVE-2015-7972" tracker="cve" /> <issue id="CVE-2015-8345" tracker="cve" /> <issue id="CVE-2015-7970" tracker="cve" /> <issue id="CVE-2015-7971" tracker="cve" /> <issue id="CVE-2015-8340" tracker="cve" /> <issue id="CVE-2015-8341" tracker="cve" /> <issue id="CVE-2015-8339" tracker="cve" /> <issue id="CVE-2015-7311" tracker="cve" /> <issue id="CVE-2015-8104" tracker="cve" /> <issue id="CVE-2015-7969" tracker="cve" /> <issue id="CVE-2015-7504" tracker="cve" /> <issue id="CVE-2015-7835" tracker="cve" /> <issue id="CVE-2015-5307" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>charlesa</packager> <description> This update fixes the following security issues: - bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list - bsc#956592 - xen: virtual PMU is unsupported (XSA-163) - bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159) - bsc#956409 - CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160) - bsc#956411 - CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162) - bsc#947165 - CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) - bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) CVE-2015-5307-xsa156.patch - bsc#950704 - CVE-2015-7970: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch - bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153) xsa153-libxl.patch xend-xsa153.patch - Drop 5604f239-x86-PV-properly-populate-descriptor-tables.patch - bsc#950703 - CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149) - bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151) - bsc#950706 - CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152)</description> <summary>Security update for xen</summary> </patchinfo>
