XEN Security Update XSA-180/CVE-2014-3672
Issue | Summary | Affected Versions | Fixed | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Static Compute Resources | CloudBoot Compute Resources | Static Compute Resources | CloudBoot Compute Resources | ||||||
| CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | ||
| XSA-180/CVE-2014-3672 | Unrestricted QEMU logging | ✓* | ✓* | ✓* | ✓* | ✓ | ✓ | - | - |
* This issue affects only the compute resources under CentOS 5.x and 6.x running guests in HVM mode (FreeBSD, Windows or in recovery mode).
Static Compute Resources
To eliminate the security issue for Static Compute Resources:
For customers willing to upgrade to the latest compute resource tools (corresponding to OnApp version installed)
Run the OnApp Xen Compute Resource installer
1/onapp/onapp-hv-install/onapp-hv-xen-install.shReboot all compute resources.
For customers which are using latest compute resource tools or do not want to upgrade them:
CentOS 5.x
1# yum update xen xen-libsThis should update to the xen-3.4.4-22.el5.onapp.x86_64 version.
CentOS 6.x
1# yum update xen xen-hypervisor- For versions of OnApp HV tools prior to version 4.2.0 this should update to the xen-4.2.5-38.28.onapp.el6.x86_64 version.
- For versions of OnApp HV tools after version 4.2.0 the fix is provided by CentOS.org. The command above should update to the 4.4.4.-6 version.
Reboot all compute resources.
