rPSA-2007-0124-1 kernel xen
rPath Security Advisory: 2007-0124-1
Published: 2007-06-14
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
kernel=/conary.rpath.com@rpl:devel//1-xen/2.6.16.33-0.1-1
xen=/conary.rpath.com@rpl:devel//1/3.0.3_0-1.5-1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4623
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
https://issues.rpath.com/browse/RPL-880
https://issues.rpath.com/browse/RPL-914
https://issues.rpath.com/browse/RPL-1089
https://issues.rpath.com/browse/RPL-1399
Description:
Many security updates have been applied to the Xen kernels included
in rPath Linux. Most Xen systems do not expose these vulnerabilities,
as many of the issues involve hardware support that is uncommon on
Xen hosts and irrelevant on Xen guests. Several cannot be exposed
on default configurations of rPath Linux because tools to configure
the subsystems are intentionally not included.
Additionally, missing header files have been added to enable building
other packages against Xen header files.
In the future, the 2.6.16.x Xen kernels will be maintained only
with important security fixes, and only for non-PAE x86 versions.
Those kernels will be based on Xen 3.0.3, due to XenSource removing
support for non-PAE kernels from all newer versions of Xen.
More recent PAE Xen kernels will be made available in order to
take advantage of newer hardware support, and to more closely track
upstream sources. These kernels will include more recent releases
of Xen from XenSource.
Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html