Overview

File _patchinfo of Package patchinfo.1160

<patchinfo incident="1160">
  <packager>charlesa</packager>
  <issue tracker="bnc" id="792476">efi files missing in latest XEN update</issue>
  <issue tracker="bnc" id="777628">guest "disappears" after live migration</issue>
  <issue tracker="bnc" id="789988">FATAL PAGE FAULT in hypervisor (arch_do_domctl)</issue>
  <issue tracker="cve" id="CVE-2012-5515"></issue>
  <issue tracker="bnc" id="789950">VUL-0: CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31)</issue>
  <issue tracker="bnc" id="789948">VUL-0: CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30)</issue>
  <issue tracker="cve" id="CVE-2012-5514"></issue>
  <issue tracker="cve" id="CVE-2012-5513"></issue>
  <issue tracker="bnc" id="789951">VUL-0: CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29)</issue>
  <issue tracker="bnc" id="789940">VUL-0: CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28)</issue>
  <issue tracker="cve" id="CVE-2012-5512"></issue>
  <issue tracker="bnc" id="789945">VUL-0: CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26)</issue>
  <issue tracker="cve" id="CVE-2012-5510"></issue>
  <issue tracker="bnc" id="789944">VUL-0: CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27)</issue>
  <issue tracker="cve" id="CVE-2012-5511"></issue>
  <category>security</category>
  <rating>important</rating>
  <summary>xen: security update to fix various denial of service issues</summary>
  <description>This update of XEN fixes various denial of service bugs.


- bnc#789945 - CVE-2012-5510: xen: Grant table version
  switch list corruption vulnerability (XSA-26)

- bnc#789944 - CVE-2012-5511: xen: Several HVM operations do
  not validate the range of their inputs (XSA-27)

- bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access
  crash / HVMOP_set_mem_access information leak (XSA-28)

- bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may
  overwrite hypervisor memory (XSA-29)

- bnc#789948 - CVE-2012-5514: xen: Missing unlock in
  guest_physmap_mark_populate_on_demand() (XSA-30)

- bnc#789950 - CVE-2012-5515: xen: Several memory hypercall
  operations allow invalid extent order values (XSA-31)

- bnc#789988 - FATAL PAGE FAULT in hypervisor (arch_do_domctl)
  25931-x86-domctl-iomem-mapping-checks.patch

- Upstream patches from Jan
  26132-tmem-save-NULL-check.patch
  26134-x86-shadow-invlpg-check.patch
  26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch)
  26149-x86-p2m-physmap-error-path.patch (Replaces CVE-2012-4537-xsa22.patch)
  26150-x86-shadow-unhook-toplevel-check.patch (Replaces CVE-2012-4538-xsa23.patch)
  26151-gnttab-compat-get-status-frames.patch (Replaces CVE-2012-4539-xsa24.patch)


- bnc#777628 - guest "disappears" after live migration
  Updated block-dmmd script

- Fix exception in balloon.py and osdep.py
  xen-max-free-mem.diff

- bnc#792476 - efi files missing in latest XEN update
  Revert c/s 25751 EFI Makefile changes in 23614-x86_64-EFI-boot.patch
</description>
  <reboot_needed/>
</patchinfo>
openSUSE Build Service is sponsored by
Places