openSUSE Security Update : xen-201004 (openSUSE-SU-2010:0293-1)

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Collective Xen 2010/04 Update, containing fixes for the following
issues :

bnc#576832 - pygrub, reiserfs: Fix on-disk structure definition
bnc#537370 - Xen on SLES 11 does not boot - endless loop in ATA
detection bnc#561912 - xend leaks memory bnc#564750 - Keyboard Caps
Lock key works abnormal under SLES11 xen guest OS. bnc#548443 - keymap
setting not preserved bnc#555152 - 'NAME' column in xentop (SLES11)
output limited to 10 characters unlike SLES10 bnc#553631 - L3:
diskpart will not run on windows 2008 bnc#548852 - DL585G2 - plug-in
PCI cards fail in IO-APIC mode bnc#529195

- xend: disallow ! as a sxp separator bnc#550397 - xend:
bootable flag of VBD not always of type int bnc#545470 -
Xen vifname parameter is ignored when using type=ioemu
in guest configuration file bnc#541945 - xm create -x
command does not work in SLES 10 SP2 or SLES 11
bnc#542525 - VUL-1: xen pygrub vulnerability bnc#481592
and fate#306125 - Virtual machines are not able to boot
from CD to allow upgrade to OES2SP1 (sle10 bug)
bnc#553633 - Update breaks menu access keys in
virt-viewer and still misses some key sequences. (sle10
bug) fate#306720: xen: virt-manager cdrom handling.
bnc#547590 - L3: virt-manager is unable of displaying
VNC console on remote hosts bnc#572691 - libvird
segfaults when trying to create a kvm guest bnc#573748 -
L3: Virsh gives error Device 51712 not connected after
updating libvirt modules bnc#548438 - libcmpiutil /
libvirt-cim does not properly handle CIM_ prefixed
bnc#513921 - Xen doesn't work get an eror when starting
the install processes or starting a pervious installed
DomU bnc#526855 - Cannot set MAC address for PV guest in
vm-install

See also :

http://lists.opensuse.org/opensuse-updates/2010-05/msg00028.html
https://bugzilla.novell.com/show_bug.cgi?id=481592
https://bugzilla.novell.com/show_bug.cgi?id=529195
https://bugzilla.novell.com/show_bug.cgi?id=537370
https://bugzilla.novell.com/show_bug.cgi?id=541945
https://bugzilla.novell.com/show_bug.cgi?id=542525
https://bugzilla.novell.com/show_bug.cgi?id=545470
https://bugzilla.novell.com/show_bug.cgi?id=547590
https://bugzilla.novell.com/show_bug.cgi?id=548438
https://bugzilla.novell.com/show_bug.cgi?id=548443
https://bugzilla.novell.com/show_bug.cgi?id=548852
https://bugzilla.novell.com/show_bug.cgi?id=550397
https://bugzilla.novell.com/show_bug.cgi?id=553631
https://bugzilla.novell.com/show_bug.cgi?id=553633
https://bugzilla.novell.com/show_bug.cgi?id=555152
https://bugzilla.novell.com/show_bug.cgi?id=561912
https://bugzilla.novell.com/show_bug.cgi?id=564750
https://bugzilla.novell.com/show_bug.cgi?id=572691
https://bugzilla.novell.com/show_bug.cgi?id=573748
https://bugzilla.novell.com/show_bug.cgi?id=576832

Solution :

Update the affected xen-201004 packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 46729 ()

Bugtraq ID:

CVE ID: CVE-2009-3525

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now