Description: | Summary: The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2012:1132-1 advisory.
Vulnerability Insight: XEN was updated 4.1.3 to fix multiple bugs and security issues.
The following security issues have been fixed:
* CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3495: xen: hypercall physdev_get_free_pirq vulnerability (XSA-13) * CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability (XSA-14) * CVE-2012-3498: xen: PHYSDEVOP_map_pirq index vulnerability (XSA-16) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17)
Also the following bugs have been fixed:
* pvscsi support of attaching Luns - bnc#776995
The following related bugs in vm-install 0.5.12 have been fixed:
* bnc#776300 - vm-install does not pass --extra-args in --upgrade * Add for support Open Enterprise Server 11 * Add support for Windows 8 and Windows Server 2012 * Add support for Ubuntu 12 (Precise Pangolin)
Security Issue references:
* CVE-2012-3496 > * CVE-2012-3494 > * CVE-2012-3495 > * CVE-2012-3498 > * CVE-2012-3515 >
Affected Software/OS: 'Xen' package(s) on SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Software Development Kit 11 SP2.
Solution: Please install the updated package(s).
CVSS Score: 7.2
CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
|