File _patchinfo of Package patchinfo.529

<patchinfo incident="529">
  <packager>charlesa</packager>
  <issue tracker="bnc" id="922705">VUL-0: xen: XSA-125: Long latency MMIO mapping operations are not preemptible</issue>
  <issue tracker="bnc" id="922706">VUL-0: xen: XSA-126: Unmediated PCI command register access in qemu</issue>
  <issue tracker="cve" id="CVE-2015-2756">VUL-0: xen: XSA-126: Unmediated PCI command register access in qemu</issue>
  <issue tracker="bnc" id="922709">VUL-0: xen: XSA-127: Certain domctl operations may be abused to lock up the host</issue>
  <issue tracker="bnc" id="921842">Xentop doesn't display disk statistics for VMs using qdisks</issue>
  <issue tracker="bnc" id="923758">xen dmesg contains bogus output in early boot</issue>
  <issue tracker="cve" id="CVE-2015-2752"></issue>
  <issue tracker="cve" id="CVE-2015-2751"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for xen</summary>
  <description>Xen was updated 4.4.2_01 to address three security issues and functional bugs.

The following vulnerabilities were fixed:
- Long latency MMIO mapping operations are not preemptible (XSA-125, CVE-2015-2752, bnc#922705)
- Unmediated PCI command register access in qemu (XSA-126, CVE-2015-2756, bnc#922706)
- Certain domctl operations may be abused to lock up the host (XSA-127, CVE-2015-2751, bnc#922709)

The following non-security bugs were fixed:
- xen dmesg contains bogus output in early boot (bnc#923758)
- Xentop doesn't display disk statistics for VMs using qdisks (bnc#921842)

The following functionality was enabled:
- Enable spice support in qemu for x86_64
- Add Qxl vga support
</description>
  <reboot_needed/>
</patchinfo>