Overview

File _patchinfo of Package patchinfo.1588

<patchinfo incident="1588">
  <issue id="956832" tracker="bnc">CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list</issue>
  <issue id="947165" tracker="bnc">CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142)</issue>
  <issue id="954018" tracker="bnc">CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156)</issue>
  <issue id="956592" tracker="bnc">xen: virtual PMU is unsupported (XSA-163)</issue>
  <issue id="954405" tracker="bnc">CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception (XSA-156)</issue>
  <issue id="956411" tracker="bnc">CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162)</issue>
  <issue id="956408" tracker="bnc">CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159)</issue>
  <issue id="956409" tracker="bnc">CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160)</issue>
  <issue id="CVE-2015-8345" tracker="cve" />
  <issue id="CVE-2015-7504" tracker="cve" />
  <issue id="CVE-2015-8340" tracker="cve" />
  <issue id="CVE-2015-8341" tracker="cve" />
  <issue id="CVE-2015-5239" tracker="cve" />
  <issue id="CVE-2015-8339" tracker="cve" />
  <issue id="CVE-2015-8104" tracker="cve" />
  <issue id="CVE-2015-4106" tracker="cve" />
  <issue id="CVE-2015-5154" tracker="cve" />
  <issue id="CVE-2015-7311" tracker="cve" />
  <issue id="CVE-2015-3259" tracker="cve" />
  <issue id="CVE-2015-7835" tracker="cve" />
  <issue id="CVE-2015-5307" tracker="cve" />
  <issue id="CVE-2015-6815" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>charlesa</packager>
  <description>

This update fixes the following security issues:

- bsc#956832 -  CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list

- Revert x86/IO-APIC: don't create pIRQ mapping from masked RTE until kernel maintenance release goes out.

- bsc#956592 -  xen: virtual PMU is unsupported (XSA-163)

- bsc#956408 -  CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159)

- bsc#956409 -  CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160)

- bsc#956411 -  CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162)

- bsc#947165 -  CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142)

- bsc#954405 -  CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception

- bsc#954018 -  CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156)
</description>
  <summary>Security update for xen</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places