Overview

File _patchinfo of Package patchinfo.8078

<patchinfo incident="8078">
  <issue tracker="bnc" id="1097521">VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264)</issue>
  <issue tracker="bnc" id="1097523">VUL-0: CVE-2018-12892: xen: libxl fails to honour readonly flag on HVM emulated SCSI disks (XSA-266)</issue>
  <issue tracker="bnc" id="1097522">VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265)</issue>
  <issue tracker="bnc" id="1096224">VUL-0: CVE-2018-11806: xen: slirp: heap buffer overflow while reassembling fragmented datagrams</issue>
  <issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
  <issue tracker="bnc" id="1087289">Xen BUG at sched_credit.c:1663</issue>
  <issue tracker="bnc" id="1094725">`virsh blockresize` does not work with Xen qdisks</issue>
  <issue tracker="bnc" id="1095242">VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267)</issue>
  <issue tracker="cve" id="2018-3665"/>
  <issue tracker="cve" id="2018-11806"/>
  <issue tracker="cve" id="2018-12891"/>
  <issue tracker="cve" id="2018-12892"/>
  <issue tracker="cve" id="2018-12893"/>
  <issue tracker="fate" id="325467"/>
  <category>security</category>
  <rating>important</rating>
  <packager>charlesa</packager>
  <description>This update for xen fixes the following issues:

Security issues fixed:

- CVE-2018-12891: Fix preemption checks bypass in x86 PV MM handling (XSA-264) (bsc#1097521).
- CVE-2018-12892: Fix libxl failure to honour readonly flag on HVM emulated SCSI disks (XSA-266) (bsc#1097523).
- CVE-2018-12893: Fix #DB exception safety check that could be triggered by a guest (XSA-265) (bsc#1097522).
- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).
- CVE-2018-3665: Fix lazy FP Save/Restore (XSA-267) (bsc#1095242).

Bug fixes:

- bsc#1027519: Update to Xen 4.7.6 bug fix only release.
- bsc#1087289: Xen BUG at sched_credit.c:1663.
- bsc#1094725: `virsh blockresize` does not work with Xen qdisks.
</description>
  <summary>Security update for xen</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places