{"id":"SUSE-RU-2019:2715-1","summary":"Recommended update for xen","details":"This update for xen to version 4.12.1 fixes the following issues:\n\n- Fixed an issue which made Xen crash on AMD ROME based machines (bsc#1135799).\n- Xenpvnetboot is now ported correctly to Python 3 (bsc#1138563).\n- Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime (bsc#1120095). \n  The included README has details about the impact of this change\n- Fixed an issue where the speculative mitigation facilities reported wrong status (bsc#1143563).\n- Fixed an issue where Xen could not connect socket to /var/run/libvirt/libvirt-sock (bsc#1137471).\n- Fixed an HPS bug which did not allow to install Windows Server 2016 with 2 CPUs setting or above\n  (bsc#1137717).\n- Fixed a segmentation fault in Libvrtd during live migration to a VM (bsc#1145774). \n- LTO is now disabled (bsc#1133296).\n- Fixed an issue where Xen could not pre-allocate 1 shadow page (bsc#1145240).\n","modified":"2026-03-11T05:58:18.173416Z","published":"2019-10-18T14:21:34Z","related":["CVE-2018-12126","CVE-2018-12127","CVE-2018-12130","CVE-2019-11091","CVE-2019-17349","CVE-2019-17350"],"upstream":["CVE-2018-12126","CVE-2018-12127","CVE-2018-12130","CVE-2019-11091","CVE-2019-17349","CVE-2019-17350"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2019-2715/suse-ru-20192715-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027519"},{"type":"REPORT","url":"https://bugzilla.suse.com/1111331"},{"type":"REPORT","url":"https://bugzilla.suse.com/1120095"},{"type":"REPORT","url":"https://bugzilla.suse.com/1133296"},{"type":"REPORT","url":"https://bugzilla.suse.com/1135799"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137471"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137717"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138294"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138563"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143563"},{"type":"REPORT","url":"https://bugzilla.suse.com/1145240"},{"type":"REPORT","url":"https://bugzilla.suse.com/1145774"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-12126"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-12127"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-12130"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11091"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17349"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17350"}],"affected":[{"package":{"name":"xen","ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP1","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12.1_02-3.3.1"}]}],"ecosystem_specific":{"binaries":[{"xen-tools-domU":"4.12.1_02-3.3.1","xen-libs":"4.12.1_02-3.3.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2019:2715-1.json"}},{"package":{"name":"xen","ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP1","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12.1_02-3.3.1"}]}],"ecosystem_specific":{"binaries":[{"xen-tools":"4.12.1_02-3.3.1","xen":"4.12.1_02-3.3.1","xen-devel":"4.12.1_02-3.3.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2019:2715-1.json"}}],"schema_version":"1.7.5"}