xen-3.0.3-41.7AXS3
Errata ID: AXSA:2008-256:01
This package contains the Xen tools and management daemons needed to run virtual machines on x86, x86_64, and ia64 systems.
Information on how to use Xen can be found at the Xen project pages.
The Xen system also requires the Xen hypervisor and domain-0 kernel, which can be found in the kernel-xen* package.
Virtualization can be used to run multiple operating systems on one physical system, for purposes of hardware consolidation, hardware abstraction, or to test untrusted applications in a sandboxed environment.
- rebuild for Asianux 3.0 SP1
- add patch700 to use functions for service script xendomains by default
- modify redhat string to asianux (#2837, Patch701)
- Disable QEMU image format auto-detection CVE-2008-2004
- Fix PVFB to validate frame buffer description
- Fix PVFB to cope with bogus update requests
- Fix QEMU buffer overflow CVE-2007-5730
- Fix QEMU block device extents checking CVE-2008-0928
- Fix FV O_DIRECT flushing
- Fixed xenbaked tmpfile flaw (CVE-2007-3919)
- QEmu NE2000 overflow check - CVE-2007-1321
- Pygrub guest escape - CVE-2007-4993
- Rewrite locking in hotplug scripts to fix timeouts
- Require xen-hypervisor-abi = 3.1 to pull in necessary kernel
- Fixed memory ballooning for HVM restore
- Avoid bogus VNC password prompts after migrate/restore
- Fix UUID normalization when no UUID is present
- Fix handling of 'keymap' param in config files
- Don't destroy guest after shutdown timeout
- Ensure PVFB daemon terminates promptly on domain shutdown
- Fix rtl8139 checksums for VISTA
- Update package description to better reflect reality
- Fix more VNC threading problems
- Fix save/restore edge case
- Fix legacy PVFB for 32-on-64
- Fixed booting guests with legacy native ABI device protocol
- Fix more VNC keycode/keysym mappings issues
- Fix potential QEMU crash when VNC client disconnects
- Add NVRAM support for ia64 guests
- Normalize UUID to avoid losing guest name upon restarts
- fix ethernet bonding in balanced-rr mode
- Fix vncport type cast for HVM guests
- Ignore failures in dump core
- Rate limit console messages from guest
- Use -r flag to losetup for readonly block devices
- Mark /etc/sysconfig/xend as a config file
- Fix address test in network-bridge
- Permissions of xend-debug.log
- Hotplug scripts error reporting
- Disable network-bridge if running on Dom0 with nfs/iscsi root device
- Fix a race in the pvfb startup
- Loadable pvfb keymap
- Fix pvfb save/restore broken in 3.0.3-27.el5
- Fixed 32-bit core dumps with HVM
- Add persistent logging of guest & hypervisor console
- Fix destroyDevice() args
- Check file exists in blktap hotplug scripts
- Make SXPR server in XenD multi-threaded
- Fixed xm man page about block device modes
- Update low level (non-XenD) userspace to work with 3.1.0 hypervisor
- Patch XenD to use 'domid' instead of 'dom' with libxc
- Patch XenD to use new HVM domain creation process
- Remove unused i18n stuff from Makefile
- Fix pygrub, blktapctrl paths to return to original settings
- Back-port 3.1.0 HVM save/restore changes to XenD
- Move HVM save/restore files from /tmp to /var/lib/xen
- Ensure pvfb backend terminates when frontend vanishes early
- Save vncpasswd in xenstore along with the other pvfb configuration
- Fix allocation of fixed VNC ports for pvfb
- Don't start a xen-vncfb process for HVM
- disable qemu monitor mode, for security reasons
- fix IA64 shadow page table mode
Update Packages.
CVE-2007-4993: pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
CVE-2007-1321: Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.
CVE-2007-3919: (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
CVE-2008-0928: Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
CVE-2007-5730: Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.
CVE-2008-2004: The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
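The /tmp/xenq-shm issue above is an instance of opening a fixed, predictable name in a world-writable directory with truncation. The following is an added example, not code from Xen or from this advisory; the function names and the sample file are constructed for illustration. It contrasts that open pattern with one that refuses symlinks and pre-existing files.

```python
import os
import tempfile


def open_truncating(path):
    """Unsafe pattern: follows a symlink and truncates whatever it points to."""
    return os.open(path, os.O_RDWR | os.O_CREAT | os.O_TRUNC, 0o600)


def open_exclusive(path):
    """Hardened pattern: create the file ourselves or fail.

    O_CREAT|O_EXCL fails if the name already exists, including when it is
    a symlink placed there by another user; O_NOFOLLOW is a second guard.
    """
    flags = os.O_RDWR | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    return os.open(path, flags, 0o600)


def run_case(opener):
    """Pre-place a symlink at the predictable name, then call opener.

    Returns (refused, bytes_left_in_target).
    """
    with tempfile.TemporaryDirectory() as tmp:        # stands in for /tmp
        target = os.path.join(tmp, "important.conf")  # constructed sample file
        with open(target, "w") as f:
            f.write("do-not-lose-this\n")
        shm = os.path.join(tmp, "xenq-shm")           # predictable name
        os.symlink(target, shm)                       # link exists before the open
        try:
            os.close(opener(shm))
            refused = False
        except OSError:
            refused = True
        return refused, os.path.getsize(target)


if __name__ == "__main__":
    print("truncating open:", run_case(open_truncating))
    print("exclusive open: ", run_case(open_exclusive))
```

Keeping such files in a directory that only the daemon can write to, as the changelog does when it moves HVM save/restore files from /tmp to /var/lib/xen, avoids the shared-directory problem altogether.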
From Asianux Server 3 SP1 updated packages.
SRPMS
- xen-3.0.3-41.7AXS3.src.rpm
MD5: 0e9bffadf4a46dbc26f21cd3f7c92008
SHA-256: 692b613239013bf9c8af5db3e58840d64ddc306b52aec895f5253e5df883bf13
Size: 13.12 MB
Asianux Server 3 for x86
- xen-3.0.3-41.7AXS3.i386.rpm
MD5: 9e86f8f62af9d1f6d7a6da998a1f7f74
SHA-256: 303f6fa90341d7bade482ffaa306a5d53f62a29c8604f3f896de60dfaf1ef8bf
Size: 1.95 MB
- xen-devel-3.0.3-41.7AXS3.i386.rpm
MD5: 347508a45802b1c783ea6536bbd120d2
SHA-256: c1aca14b75fdc174229c3b8ea0de6976b31f6224ab7df0c5780a0e4cc9a1aaec
Size: 212.55 kB
- xen-libs-3.0.3-41.7AXS3.i386.rpm
MD5: a34368c5f6bc404022ff0d5662bb8d5d
SHA-256: 841bdf2a258f2aa8cd93fb4bb7a7cc63ea5f867e7866963aed67285877402475
Size: 138.52 kB
Asianux Server 3 for x86_64
- xen-3.0.3-41.7AXS3.x86_64.rpm
MD5: 38b3d4c9345352de83fcdd7e345dbf59
SHA-256: 87dba205b4c2f8104e73f70bf282d4be8315fa2067f95e60a3ad17e898394337
Size: 1.94 MB
- xen-devel-3.0.3-41.7AXS3.x86_64.rpm
MD5: de03c2cebd16af6ff83ae3cdd5ab39a3
SHA-256: 69114d1078de944727f0dd35056792b3378c63f71ae0c01a47056647421ca218
Size: 216.20 kB
- xen-libs-3.0.3-41.7AXS3.x86_64.rpm
MD5: 2c6262f2d7550fcfbecc38b1ec5e6f3a
SHA-256: 61ceebdde1b9d9da07774023b443b8e16ca7156da1709aee312bf6a6c1e2cb74
Size: 134.97 kB