Security update for Xen

SUSE Security Update: Security update for Xen

Announcement ID:	SUSE-SU-2015:1157-1
Rating:	important
References:	#931625 #931626 #931627 #931628 #932770 #932996
Affected Products:	SUSE Linux Enterprise Server 11 SP2 LTSS

An update that fixes 7 vulnerabilities is now available.

Description:

Xen was updated to fix six security issues:

CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. (XSA-128, bsc#931625)
CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. (XSA-129, bsc#931626)
CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages. (XSA-130, bsc#931627)
CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131, bsc#931628)
CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest to host escape. (XSA-135, bsc#932770)
CVE-2015-4164: DoS through iret hypercall handler. (XSA-136, bsc#932996)

Security Issues:

Please reboot the system after installing this update.

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Server 11 SP2 LTSS:
zypper in -t patch slessp2-xen-201506=10729

To bring your system up-to-date, use "zypper patch".

SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64):
- xen-devel-4.1.6_08-0.13.1
- xen-kmp-default-4.1.6_08_3.0.101_0.7.29-0.13.1
- xen-kmp-trace-4.1.6_08_3.0.101_0.7.29-0.13.1
- xen-libs-4.1.6_08-0.13.1
- xen-tools-domU-4.1.6_08-0.13.1
SUSE Linux Enterprise Server 11 SP2 LTSS (x86_64):
- xen-4.1.6_08-0.13.1
- xen-doc-html-4.1.6_08-0.13.1
- xen-doc-pdf-4.1.6_08-0.13.1
- xen-libs-32bit-4.1.6_08-0.13.1
- xen-tools-4.1.6_08-0.13.1
SUSE Linux Enterprise Server 11 SP2 LTSS (i586):
- xen-kmp-pae-4.1.6_08_3.0.101_0.7.29-0.13.1