SuSE 10 Security Update : Xen (ZYPP Patch Number 2155)

This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update includes both bug fixes and security fixes for Xen.

A summary of the fixes appears below: 151105 - Fix various 'leaks' of
loopback devices w/ domUloader 162865 - Re-send all page tables when
migrating to avoid oops 167145 - Add status messages during file
backed disk creation 176369 - YaST2-VM incorrectly reports 'Not enough
free memory' if not on xen 176449 - Backport credit scheduler, for
better performance 176717 - [XEN-HVM]Failed to install win2k hvm guest
184175 - System rebooted during Virtual Machine (guest OS)
installation 184727 - Error starting VM from YaST with maximum memory
size (partial fix) 184727 - fix calculation of largest memory size of
VM 185557 - update xendomains to wait for shutdown to complete 185557
- 'xm shutdown -w' must wait for loopback devices to be destroyed
186930 - Logical volumes (LVM) are not displayed when adding block
device 189765 - using an LV as VM block device gives bogus warning
189815 - Increase balloon timeout value, for large memory machines
190170 - Do not open migration port by default 190869 - Default to
non-sync loopback; give choice to user per-disk 191627 - Fix startup
errors in disk created by mk-xen-rescue-img 191853 - Fix overflows in
lomount, for virtual disks > 2 GB 192150 - Xen issue with privileged
instruction 192308 - disable alignment checks in kernel mode (fixes
eDir/NICI) 193854 - Add arch-invarient qemu-dm link, so config file is
portable 193854 - lib vs lib64 is hard-coded into VM definition file
194389 - YaST2 xen Module Bug in X Detection 196169 - Make domUloader
honor the dry-run flag 197777 - do not default to 'bridge=xenbr0' in
the VM config file 201349 - xendomains did not actually save domains
203731 - Allow VM's RAM to be enlarged after starting VM (fix maxmem
setting) 204153 - default to using vif0/xenbr0 if vifnum is not set or
no default route 206312 - Fix TEST_UNIT_READY to work with ISO images;
fixes Windows BSOD. 209743 - Do not delay interrupt injection if the
guest IF_FLAG disallows intr xxxxxx - changeset 9763: grant table fix
xxxxxx - do not expose MCE/MCA bits in CPUID on SVM xxxxxx - quiet
debug messages in SVM xxxxxx - update block-nbd so that it works again

Solution :

Apply ZYPP patch number 2155.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 29596 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now