openSUSE Security Update : xen-201004 (openSUSE-SU-2010:0293-1)

high Nessus Plugin ID 46729

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

Collective Xen 2010/04 Update, containing fixes for the following issues :

bnc#576832 - pygrub, reiserfs: Fix on-disk structure definition bnc#537370 - Xen on SLES 11 does not boot - endless loop in ATA detection bnc#561912 - xend leaks memory bnc#564750 - Keyboard Caps Lock key works abnormal under SLES11 xen guest OS. bnc#548443 - keymap setting not preserved bnc#555152 - 'NAME' column in xentop (SLES11) output limited to 10 characters unlike SLES10 bnc#553631 - L3:
diskpart will not run on windows 2008 bnc#548852 - DL585G2 - plug-in PCI cards fail in IO-APIC mode bnc#529195

- xend: disallow ! as a sxp separator bnc#550397 - xend:
bootable flag of VBD not always of type int bnc#545470 - Xen vifname parameter is ignored when using type=ioemu in guest configuration file bnc#541945 - xm create -x command does not work in SLES 10 SP2 or SLES 11 bnc#542525 - VUL-1: xen pygrub vulnerability bnc#481592 and fate#306125 - Virtual machines are not able to boot from CD to allow upgrade to OES2SP1 (sle10 bug) bnc#553633 - Update breaks menu access keys in virt-viewer and still misses some key sequences. (sle10 bug) fate#306720: xen: virt-manager cdrom handling.
bnc#547590 - L3: virt-manager is unable of displaying VNC console on remote hosts bnc#572691 - libvird segfaults when trying to create a kvm guest bnc#573748 - L3: Virsh gives error Device 51712 not connected after updating libvirt modules bnc#548438 - libcmpiutil / libvirt-cim does not properly handle CIM_ prefixed bnc#513921 - Xen doesn't work get an eror when starting the install processes or starting a pervious installed DomU bnc#526855 - Cannot set MAC address for PV guest in vm-install

Solution

Update the affected xen-201004 packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=481592

https://bugzilla.novell.com/show_bug.cgi?id=529195

https://bugzilla.novell.com/show_bug.cgi?id=537370

https://bugzilla.novell.com/show_bug.cgi?id=541945

https://bugzilla.novell.com/show_bug.cgi?id=542525

https://bugzilla.novell.com/show_bug.cgi?id=545470

https://bugzilla.novell.com/show_bug.cgi?id=547590

https://bugzilla.novell.com/show_bug.cgi?id=548438

https://bugzilla.novell.com/show_bug.cgi?id=548443

https://bugzilla.novell.com/show_bug.cgi?id=548852

https://bugzilla.novell.com/show_bug.cgi?id=550397

https://bugzilla.novell.com/show_bug.cgi?id=553631

https://bugzilla.novell.com/show_bug.cgi?id=553633

https://bugzilla.novell.com/show_bug.cgi?id=555152

https://bugzilla.novell.com/show_bug.cgi?id=561912

https://bugzilla.novell.com/show_bug.cgi?id=564750

https://bugzilla.novell.com/show_bug.cgi?id=572691

https://bugzilla.novell.com/show_bug.cgi?id=573748

https://bugzilla.novell.com/show_bug.cgi?id=576832

https://lists.opensuse.org/opensuse-updates/2010-05/msg00028.html

Plugin Details

Severity: High

ID: 46729

File Name: suse_11_1_xen-201004-100220.nasl

Version: 1.8

Type: local

Agent: unix

Published: 5/26/2010

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:xen-libs-32bit, p-cpe:/a:novell:opensuse:xen-kmp-debug, p-cpe:/a:novell:opensuse:virt-viewer, p-cpe:/a:novell:opensuse:xen-tools, p-cpe:/a:novell:opensuse:virt-manager, p-cpe:/a:novell:opensuse:xen-kmp-pae, p-cpe:/a:novell:opensuse:xen-kmp-trace, p-cpe:/a:novell:opensuse:libvirt-cim, p-cpe:/a:novell:opensuse:xen-tools-domu, p-cpe:/a:novell:opensuse:libvirt, p-cpe:/a:novell:opensuse:xen-devel, p-cpe:/a:novell:opensuse:xen-libs, p-cpe:/a:novell:opensuse:libcmpiutil, p-cpe:/a:novell:opensuse:xen-doc-pdf, p-cpe:/a:novell:opensuse:xen, p-cpe:/a:novell:opensuse:xen-kmp-default, p-cpe:/a:novell:opensuse:libvirt-devel, p-cpe:/a:novell:opensuse:libvirt-python, cpe:/o:novell:opensuse:11.1, p-cpe:/a:novell:opensuse:xen-doc-html, p-cpe:/a:novell:opensuse:libcmpiutil-devel, p-cpe:/a:novell:opensuse:vm-install

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2/20/2010

Reference Information

CVE: CVE-2009-3525

CWE: 264