File _patchinfo of Package patchinfo.7999

<patchinfo incident="7999">
  <issue tracker="bnc" id="1097521">VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264)</issue>
  <issue tracker="bnc" id="1097522">VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265)</issue>
  <issue tracker="bnc" id="1096224">VUL-0: CVE-2018-11806: xen: slirp: heap buffer overflow while reassembling fragmented datagrams</issue>
  <issue tracker="bnc" id="1079730">[migration][xen] xen be: qdisk-51712: error: Failed to get "write" lock</issue>
  <issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
  <issue tracker="bnc" id="1098744">VUL-0: CVE-2018-12617: xen:   qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read() with g_malloc()</issue>
  <issue tracker="bnc" id="1095242">VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267)</issue>
  <issue tracker="cve" id="2018-12617"/>
  <issue tracker="cve" id="2018-3665"/>
  <issue tracker="cve" id="2018-11806"/>
  <issue tracker="cve" id="2018-12891"/>
  <issue tracker="cve" id="2018-12893"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>charlesa</packager>
  <description>This update for xen fixes the following issues:

Security issues fixed:

- CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744).
- CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).
- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).
- CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521).
- CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522).

Bug fixes:

- bsc#1079730: Fix failed "write" lock.
- bsc#1027519: Add upstream patches from January.
</description>
  <summary>Security update for xen</summary>
</patchinfo>