SuSE 11.2 Security Update : Xen and libvirt (SAT Patch Number 6640)
Medium Nessus Plugin ID 64235
The remote SuSE 11 host is missing one or more security updates.
Xen was updated to fix several security issues : - A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. (CVE-2012-3433) - A xen HVM guest user mode MMIO emulation DoS was fixed. (CVE-2012-3432) - The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash). (CVE-2012-2625) Also the following bug in XEN has been fixed : - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory This update also included bugfixes for:. (bnc#746702) - vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest - virt-manager - SLE11-SP2 ONLY - virt-manager fails to start after upgrade to SLES11 SP2 from SLES10. (bnc#764982)