File CVE-2012-4411-xsa19.patch of Package xen.openSUSE_Evergreen_11.4

From: Ian Jackson <ian.jackson@eu.citrix.com>

Disable qemu monitor by default.  The qemu monitor is an overly
powerful feature which must be protected from untrusted (guest)
administrators.

Neither xl nor xend expect qemu to produce this monitor unless it is
explicitly requested.

This is a security problem, XSA-19.  Previously it was CVE-2007-0998
in Red Hat but we haven't dealt with it in upstream.  We hope to have
a new CVE for it here but we don't have one yet.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>

Index: xen-4.1.3-testing/tools/ioemu-qemu-xen/vl.c
===================================================================
--- xen-4.1.3-testing.orig/tools/ioemu-qemu-xen/vl.c
+++ xen-4.1.3-testing/tools/ioemu-qemu-xen/vl.c
@@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **e
     kernel_cmdline = "";
     cyls = heads = secs = 0;
     translation = BIOS_ATA_TRANSLATION_AUTO;
-    monitor_device = "vc:80Cx24C";
+    monitor_device = "null";
 
     serial_devices[0] = "vc:80Cx24C";
     for(i = 1; i < MAX_SERIAL_PORTS; i++)
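
Review bot: The new default monitor_device = "null" has no comment explaining why the monitor is off, while serial_devices[0] two lines below still defaults to "vc:80Cx24C". A later cleanup could restore the old value for symmetry, so add a one-line comment beside the assignment that references XSA-19. The hunk changes only the default, and the commit message says the monitor is still produced when explicitly requested. Please confirm that the xl and xend paths that request a monitor cannot be driven by configuration a guest administrator controls. The visible lines also include no documentation update for users who relied on the default monitor console.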