Post

Xen packages 4.1.3-2 released.

Changes in this version:

  • Fri Sep 07 2012 Steven Haigh <netwiz @crc.id.au> - 4.1.3-2
  • XSA12 (CVE-2012-3494) - hypercall set_debugreg vulnerability
  • XSA13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability
  • XSA14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability
  • XSA16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability
  • XSA17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability
  • XSA19 guest administrator can access qemu monitor console

Everyone should update to these packages ASAP.

This post is licensed under CC BY 4.0 by the author.