| Description: |
XEN has been updated to version 4.1.6 which fixes various bugs and security issues.
* * CVE-2013-4416: XSA-72: Fixed ocaml xenstored that mishandled oversized message replies. * CVE-2013-4355: XSA-63: Fixed information leaks through I/O instruction emulation * CVE-2013-4361: XSA-66: Fixed information leak through fbld instruction emulation * CVE-2013-4368: XSA-67: Fixed information leak through outs instruction emulation * CVE-2013-1442: XSA-62: Fixed information leak on AVX and/or LWP capable CPUs * CVE-2013-4329: XSA-61: libxl partially sets up HVM passthrough even with disabled iommu * CVE-2013-1432: XSA-58: x86: fix page refcount handling in page table pin error path * CVE-2013-2211: XSA-57: libxl allows guest write access to sensitive console related xenstore keys * xen: XSA-55: Multiple vulnerabilities in libelf PV kernel handling (CVE-2013-2194 CVE-2013-2195 CVE-2013-2196)
Various bugs have also been fixed:
* Improvements to block-dmmd script (bnc#828623) * MTU size on Dom0 gets reset when booting DomU with e1000 device (bnc#840196) * In HP's UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic. (bnc#833251) * Xen: migration broken from xsave-capable to xsave-incapable host (bnc#833796) * In xen, 'shutdown -y 0 -h' cannot power off system (bnc#834751) * In HP's UEFI x86_64 platform and sles11sp3 with xen environment, xen hypervisor will panic on multiple blades nPar. (bnc#839600) * Failed to setup devices for vm instance when start multiple vms simultaneously (bnc#824676) * migrate.py support of short options dropped by PTF (bnc#824676) * after live migration rcu_sched_state detected stalls add new option xm migrate --min_remaing (bnc#803712) * various upstream fixes have been included
Security Issue references:
* CVE-2013-1432 * CVE-2013-1442 * CVE-2013-2194 * CVE-2013-2195 * CVE-2013-2196 * CVE-2013-2211 * CVE-2013-4329 * CVE-2013-4355 * CVE-2013-4361 * CVE-2013-4368 * CVE-2013-4416
|