SuSE 11 Security Update : Xen (SAT Patch Number 2230)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

Collective Xen/201004 Update, containing fixes for the following
issues :

- pygrub, reiserfs: Fix on-disk structure definition
bnc#537370 - Xen on SLES 11 does not boot - endless loop
in ATA detection bnc#561912 - xend leaks memory
bnc#564750 - Keyboard Caps Lock key works abnormal under
SLES11 xen guest OS. bnc#548443 - keymap setting not
preserved bnc#555152 - 'NAME' column in xentop (SLES11)
output limited to 10 characters unlike SLES10 bnc#553631
- L3: diskpart will not run on windows 2008 bnc#548852 -
DL585G2 - plug-in PCI cards fail in IO-APIC mode
bnc#529195 - xend: disallow ! as a sxp separator
bnc#550397 - xend: bootable flag of VBD not always of
type int bnc#545470 - Xen vifname parameter is ignored
when using type=ioemu in guest configuration file
bnc#541945 - xm create -x command does not work in SLES
10 SP2 or SLES 11 bnc#542525 - xen pygrub vulnerability
(CVE-2009-3525) bnc#481592 and fate#306125 - Virtual
machines are not able to boot from CD to allow upgrade
to OES2SP1 (sle10 bug) bnc#553633 - Update breaks menu
access keys in virt-viewer and still misses some key
sequences. (sle10 bug) fate#306720: xen: virt-manager
cdrom handling. bnc#547590 - L3: virt-manager is unable
of displaying VNC console on remote hosts bnc#572691 -
libvird segfaults when trying to create a kvm guest
bnc#573748 - L3: Virsh gives error Device 51712 not
connected after updating libvirt modules bnc#548438 -
libcmpiutil / libvirt-cim does not properly handle CIM_
prefixed. (bnc#576832)

- Xen doesn't work get an eror when starting the install
processes or starting a pervious installed DomU.
(bnc#513921)

- Cannot set MAC address for PV guest in vm-install.
(bnc#526855)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=481592
https://bugzilla.novell.com/show_bug.cgi?id=513921
https://bugzilla.novell.com/show_bug.cgi?id=526855
https://bugzilla.novell.com/show_bug.cgi?id=529195
https://bugzilla.novell.com/show_bug.cgi?id=537370
https://bugzilla.novell.com/show_bug.cgi?id=541945
https://bugzilla.novell.com/show_bug.cgi?id=542525
https://bugzilla.novell.com/show_bug.cgi?id=545470
https://bugzilla.novell.com/show_bug.cgi?id=547590
https://bugzilla.novell.com/show_bug.cgi?id=548438
https://bugzilla.novell.com/show_bug.cgi?id=548443
https://bugzilla.novell.com/show_bug.cgi?id=548852
https://bugzilla.novell.com/show_bug.cgi?id=550397
https://bugzilla.novell.com/show_bug.cgi?id=553631
https://bugzilla.novell.com/show_bug.cgi?id=553633
https://bugzilla.novell.com/show_bug.cgi?id=555152
https://bugzilla.novell.com/show_bug.cgi?id=561912
https://bugzilla.novell.com/show_bug.cgi?id=564750
https://bugzilla.novell.com/show_bug.cgi?id=572691
https://bugzilla.novell.com/show_bug.cgi?id=573748
https://bugzilla.novell.com/show_bug.cgi?id=576832
https://bugzilla.novell.com/show_bug.cgi?id=591092
http://support.novell.com/security/cve/CVE-2009-3525.html

Solution :

Apply SAT patch number 2230.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 50966 ()

Bugtraq ID:

CVE ID: CVE-2009-3525

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now