Scientific Linux Security Update : xen/libvirt on SL5.0 i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

NOTE1: The xen update needs to be applied with the new kernel
kernel-2.6.18-53.1.4.el5. Because a kernel does not automatically get
updated, but the xen libraries do (by default) it is best to upgrade
them both at the same time, and then reboot into the new kernel.

Updating both the kernel and xen is because the new kernel has changed
the way that it works with xen. So upgrading and booting into the new
kernel will break your old xen. And updating xen and trying to restart
xen domains in your old kernel will not work either.

Updating the xen libraries will not affect currently running virtual
machines, but will prevent any new ones being started or rebooted,
until you have booted into the new kernel.

NOTE2: This xen/kernel update is only really needed for the master
virtual machine (Dom 0). Virtual machines can update their kernels
without any problems.

See also :

http://www.nessus.org/u?3abece31

Solution :

Update the affected packages.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60325 ()

Bugtraq ID:

CVE ID: