Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="1093">
  <packager>charlesa</packager>
  <category>security</category>
  <rating>important</rating>
  <summary>XEN: security and bugfix update</summary>
  <description>
This security update of XEN fixes various bugs and security issues.

- Upstream patch
  26088-xend-xml-filesize-check.patch

- bnc#787163 - CVE-2012-4544: xen: Domain builder Out-of-
  memory due to malicious kernel/ramdisk (XSA 25)
  CVE-2012-4544-xsa25.patch
- bnc#779212 - CVE-2012-4411: XEN / qemu: guest
  administrator can access qemu monitor console (XSA-19)
  CVE-2012-4411-xsa19.patch

- bnc#786516 - CVE-2012-4535: xen: Timer overflow DoS
  vulnerability
  CVE-2012-4535-xsa20.patch
- bnc#786518 - CVE-2012-4536: xen: pirq range check DoS
  vulnerability
  CVE-2012-4536-xsa21.patch
- bnc#786517 - CVE-2012-4537: xen: Memory mapping failure
  DoS vulnerability
  CVE-2012-4537-xsa22.patch
- bnc#786519 - CVE-2012-4538: xen: Unhooking empty PAE
  entries DoS vulnerability
  CVE-2012-4538-xsa23.patch
- bnc#786520 - CVE-2012-4539: xen: Grant table hypercall
  infinite loop DoS vulnerability
  CVE-2012-4539-xsa24.patch
- bnc#784087 - L3: Xen BUG at io_apic.c:129
  26102-x86-IOAPIC-legacy-not-first.patch
- Upstream patches from Jan
  26054-x86-AMD-perf-ctr-init.patch
  26055-x86-oprof-hvm-mode.patch
  26056-page-alloc-flush-filter.patch
  26061-x86-oprof-counter-range.patch
  26062-ACPI-ERST-move-data.patch
  26063-x86-HPET-affinity-lock.patch
  26093-HVM-PoD-grant-mem-type.patch

- Upstream patches from Jan
  25931-x86-domctl-iomem-mapping-checks.patch
  25952-x86-MMIO-remap-permissions.patch

-------------------------------------------------------------------
Mon Sep 24 16:41:58 CEST 2012 - ohering@suse.de

- use BuildRequires: gcc46 only in sles11sp2 or 12.1 to fix build
  in 11.4

-------------------------------------------------------------------
Thu Sep 20 10:03:40 MDT 2012 - carnold@novell.com

- Upstream patches from Jan
  25808-domain_create-return-value.patch
  25814-x86_64-set-debugreg-guest.patch
  25815-x86-PoD-no-bug-in-non-translated.patch
  25816-x86-hvm-map-pirq-range-check.patch
  25833-32on64-bogus-pt_base-adjust.patch
  25834-x86-S3-MSI-resume.patch
  25835-adjust-rcu-lock-domain.patch
  25836-VT-d-S3-MSI-resume.patch
  25850-tmem-xsa-15-1.patch
  25851-tmem-xsa-15-2.patch
  25852-tmem-xsa-15-3.patch
  25853-tmem-xsa-15-4.patch
  25854-tmem-xsa-15-5.patch
  25855-tmem-xsa-15-6.patch
  25856-tmem-xsa-15-7.patch
  25857-tmem-xsa-15-8.patch
  25858-tmem-xsa-15-9.patch
  25859-tmem-missing-break.patch
  25860-tmem-cleanup.patch
  25883-pt-MSI-cleanup.patch
  25927-x86-domctl-ioport-mapping-range.patch
  25929-tmem-restore-pool-version.patch

- bnc#778105 - first XEN-PV VM fails to spawn
  xend: Increase wait time for disk to appear in host bootloader
  Modified existing xen-domUloader.diff

- Upstream patches from Jan
  25752-ACPI-pm-op-valid-cpu.patch
  25754-x86-PoD-early-access.patch
  25755-x86-PoD-types.patch
  25756-x86-MMIO-max-mapped-pfn.patch
  25757-x86-EPT-PoD-1Gb-assert.patch
  25764-x86-unknown-cpu-no-sysenter.patch
  25765-x86_64-allow-unsafe-adjust.patch
  25771-grant-copy-status-paged-out.patch
  25773-x86-honor-no-real-mode.patch
  25786-x86-prefer-multiboot-meminfo-over-e801.patch
- bnc#777890 - CVE-2012-3497: xen: multiple TMEM hypercall
  vulnerabilities (XSA-15)
  CVE-2012-3497-tmem-xsa-15-1.patch
  CVE-2012-3497-tmem-xsa-15-2.patch
  CVE-2012-3497-tmem-xsa-15-3.patch
  CVE-2012-3497-tmem-xsa-15-4.patch
  CVE-2012-3497-tmem-xsa-15-5.patch
  CVE-2012-3497-tmem-xsa-15-6.patch
  CVE-2012-3497-tmem-xsa-15-7.patch
  CVE-2012-3497-tmem-xsa-15-8.patch
  CVE-2012-3497-tmem-xsa-15-9.patch
  tmem-missing-break.patch

  </description>
  <issue tracker="bnc" id="764077"/>
  <issue tracker="bnc" id="771099"/>
  <issue tracker="bnc" id="776755"/>
  <issue tracker="bnc" id="777086"/>
  <issue tracker="bnc" id="777090"/>
  <issue tracker="bnc" id="777091"/>
  <issue tracker="bnc" id="777890"/>
  <issue tracker="bnc" id="778105"/>
  <issue tracker="bnc" id="779212"/>
  <issue tracker="bnc" id="784087"/>
  <issue tracker="bnc" id="786516"/>
  <issue tracker="bnc" id="786517"/>
  <issue tracker="bnc" id="786518"/>
  <issue tracker="bnc" id="786519"/>
  <issue tracker="bnc" id="786520"/>
  <issue tracker="bnc" id="787163"/>
  <issue tracker="cve" id="CVE-2007-0998"/>
  <issue tracker="cve" id="CVE-2012-2625"/>
  <issue tracker="cve" id="CVE-2012-2934"/>
  <issue tracker="cve" id="CVE-2012-3494"/>
  <issue tracker="cve" id="CVE-2012-3495"/>
  <issue tracker="cve" id="CVE-2012-3496"/>
  <issue tracker="cve" id="CVE-2012-3497"/>
  <issue tracker="cve" id="CVE-2012-3498"/>
  <issue tracker="cve" id="CVE-2012-3515"/>
  <issue tracker="cve" id="CVE-2012-4411"/>
  <issue tracker="cve" id="CVE-2012-4535"/>
  <issue tracker="cve" id="CVE-2012-4536"/>
  <issue tracker="cve" id="CVE-2012-4537"/>
  <issue tracker="cve" id="CVE-2012-4538"/>
  <issue tracker="cve" id="CVE-2012-4539"/>
  <issue tracker="cve" id="CVE-2012-4544"/>

</patchinfo>
openSUSE Build Service is sponsored by
Places