Security update for Xen and libvirt

SUSE Security Update: Security update for Xen and libvirt

Announcement ID:	SUSE-SU-2012:0386-1
Rating:	low
References:	#649209 #694863 #725169 #726332 #727515 #732782 #734826 #735403 #736824 #739585 #740165
Affected Products:	SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1

An update that solves one vulnerability and has 10 fixes is now available. It includes one version update.

Description:

This collective update 2012/02 for Xen provides fixes for
the following reports:

Xen:

* 740165: Fix heap overflow in e1000 device emulation
(applicable to Xen qemu - CVE-2012-0029)
* 739585: Xen block-attach fails after repeated
attach/detach
* 727515: Fragmented packets hang network boot of HVM
guest
* 736824: Microcode patches for AMD's 15h processors
panic the system
* 732782: xm create hangs when maxmen value is enclosed
in "quotes"
* 734826: xm rename doesn't work anymore
* 694863: kexec fails in xen
* 726332: Fix considerable performance hit by previous
changeset
* 649209: Fix slow Xen live migrations

libvirt

* 735403: Fix connection with virt-manager as normal
user

virt-utils

* Add Support for creating images that can be run on
Microsoft Hyper-V host (Fix vpc file format. Add support
for fixed disks)

Security Issue references:

* CVE-2012-0029
>

Indications:

Every Xen user should update.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-xen-201202-5796
SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-xen-201202-5796
SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-xen-201202-5796
SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-xen-201202-5796

To bring your system up-to-date, use "zypper patch".

Package List:

SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

libvirt-devel-0.7.6-1.29.2

xen-devel-4.0.3_21548_02-0.5.2
SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

xen-kmp-trace-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 1.1.3]:

libvirt-0.7.6-1.29.2

libvirt-doc-0.7.6-1.29.2

libvirt-python-0.7.6-1.29.2

virt-utils-1.1.3-1.5.1

xen-4.0.3_21548_02-0.5.2

xen-doc-html-4.0.3_21548_02-0.5.2

xen-doc-pdf-4.0.3_21548_02-0.5.2

xen-kmp-default-4.0.3_21548_02_2.6.32.54_0.3-0.5.2

xen-kmp-trace-4.0.3_21548_02_2.6.32.54_0.3-0.5.2

xen-libs-4.0.3_21548_02-0.5.2

xen-tools-4.0.3_21548_02-0.5.2

xen-tools-domU-4.0.3_21548_02-0.5.2
SUSE Linux Enterprise Server 11 SP1 (i586):

xen-kmp-pae-4.0.3_21548_02_2.6.32.54_0.3-0.5.2
SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.1.3]:

libvirt-0.7.6-1.29.2

libvirt-doc-0.7.6-1.29.2

libvirt-python-0.7.6-1.29.2

virt-utils-1.1.3-1.5.1

xen-4.0.3_21548_02-0.5.2

xen-kmp-default-4.0.3_21548_02_2.6.32.54_0.3-0.5.2

xen-libs-4.0.3_21548_02-0.5.2

xen-tools-4.0.3_21548_02-0.5.2

xen-tools-domU-4.0.3_21548_02-0.5.2
SUSE Linux Enterprise Desktop 11 SP1 (i586):

xen-kmp-pae-4.0.3_21548_02_2.6.32.54_0.3-0.5.2

References:

http://support.novell.com/security/cve/CVE-2012-0029.html
https://bugzilla.novell.com/649209
https://bugzilla.novell.com/694863
https://bugzilla.novell.com/725169
https://bugzilla.novell.com/726332
https://bugzilla.novell.com/727515
https://bugzilla.novell.com/732782
https://bugzilla.novell.com/734826
https://bugzilla.novell.com/735403
https://bugzilla.novell.com/736824
https://bugzilla.novell.com/739585
https://bugzilla.novell.com/740165
http://download.suse.com/patch/finder/?keywords=cc26db394df4e1893e567ae94e3d664f