security update for xen
Announcement ID: | SUSE-SU-2015:1404-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves two vulnerabilities can now be installed.
Description:
This security update of Xen fixes the following issues:
- bsc#939712 (XSA-140): QEMU leak of uninitialized heap memory in rtl8139 device model (CVE-2015-5165)
- bsc#939709 (XSA-139): Use after free in QEMU/Xen block unplug protocol (CVE-2015-5166)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Desktop 11 SP4
zypper in -t patch sledsp4-Xen-12033=1
-
SUSE Linux Enterprise Software Development Kit 11 SP4
zypper in -t patch sdksp4-Xen-12033=1
-
SUSE Linux Enterprise Server 11 SP4
zypper in -t patch slessp4-Xen-12033=1
-
SLES for SAP Applications 11-SP4
zypper in -t patch slessp4-Xen-12033=1
Package List:
-
SUSE Linux Enterprise Desktop 11 SP4 (x86_64 i586)
- xen-libs-4.4.2_12-23.1
- xen-kmp-default-4.4.2_12_3.0.101_63-23.1
- xen-tools-domU-4.4.2_12-23.1
-
SUSE Linux Enterprise Desktop 11 SP4 (i586)
- xen-kmp-pae-4.4.2_12_3.0.101_63-23.1
-
SUSE Linux Enterprise Desktop 11 SP4 (x86_64)
- xen-tools-4.4.2_12-23.1
- xen-4.4.2_12-23.1
- xen-doc-html-4.4.2_12-23.1
- xen-libs-32bit-4.4.2_12-23.1
-
SUSE Linux Enterprise Software Development Kit 11 SP4 (x86_64 i586)
- xen-devel-4.4.2_12-23.1
-
SUSE Linux Enterprise Server 11 SP4 (x86_64 i586)
- xen-libs-4.4.2_12-23.1
- xen-kmp-default-4.4.2_12_3.0.101_63-23.1
- xen-tools-domU-4.4.2_12-23.1
-
SUSE Linux Enterprise Server 11 SP4 (i586)
- xen-kmp-pae-4.4.2_12_3.0.101_63-23.1
-
SUSE Linux Enterprise Server 11 SP4 (x86_64)
- xen-tools-4.4.2_12-23.1
- xen-4.4.2_12-23.1
- xen-doc-html-4.4.2_12-23.1
- xen-libs-32bit-4.4.2_12-23.1
-
SLES for SAP Applications 11-SP4 (x86_64)
- xen-libs-4.4.2_12-23.1
- xen-tools-domU-4.4.2_12-23.1
- xen-kmp-default-4.4.2_12_3.0.101_63-23.1
- xen-tools-4.4.2_12-23.1
- xen-doc-html-4.4.2_12-23.1
- xen-libs-32bit-4.4.2_12-23.1
- xen-4.4.2_12-23.1