[Oraclevm-errata] OVMSA-2012-0046 Oracle VM 3.1 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Mon Oct 22 09:34:17 PDT 2012


Oracle VM Security Advisory OVMSA-2012-0046

The following updated rpms for Oracle VM 3.1 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.1.2-18.el5.16.x86_64.rpm
xen-devel-4.1.2-18.el5.16.x86_64.rpm
xen-tools-4.1.2-18.el5.16.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.1/SRPMS-updates/xen-4.1.2-18.el5.16.src.rpm



Description of changes:

[4.1.2-18.el5.16 ]
- Xen Security Advisory CVE-2012-4411 / XSA-19
   version 2
   guest administrator can access qemu monitor console
   Disable qemu monitor by default.  The qemu monitor is an overly
   powerful feature which must be protected from untrusted (guest)
   administrators.
   Signed-off-by: Ian Jackson <ian.jackson at eu.citrix.com>
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com> [bug 14612320] {CVE-2012-4411}

[4.1.2-18.el5.15 ]
- fix xm create vcpu_avail exceeds XMLRPC int limits
   If maxvcpus = vcpus = 40, (1<<40 -1) will exceed XMLRPC int limit.
   Changing it to str will work. Then on the xend side, it will be
   converted back to int.
   Signed-off-by: Zhigang Wang <zhigang.x.wang at oracle.com>
   Signed-off-by: Adnan Misherfi <adnan.misherfi at oracle.com>
   Backported-by: Joe Jin <joe.jin at oracle.com> [bug 14483583] {CVE-2012-3515}
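
The vcpu_avail change in 4.1.2-18.el5.15, as an added example that is not part of the advisory and is not xm or xend code: it uses Python's standard xmlrpc.client to show the 32-bit int limit being hit and the string workaround, with a receiver that validates the value before converting it back. The function names and the validation rules in decode_mask are assumptions made for illustration.

```python
import xmlrpc.client

# XML-RPC <int>/<i4> is a signed 32-bit value; xmlrpc.client enforces this.
XMLRPC_INT_MAX = 2**31 - 1


def vcpu_avail_mask(vcpus: int) -> int:
    """Bitmask with one bit per available vCPU, i.e. (1 << vcpus) - 1."""
    return (1 << vcpus) - 1


def marshal_as_int(mask: int) -> str:
    """Behaviour before the fix: the mask travels as an XML-RPC int.
    Raises OverflowError once the mask exceeds XMLRPC_INT_MAX (vcpus > 31)."""
    return xmlrpc.client.dumps((mask,))


def marshal_as_str(mask: int) -> str:
    """Behaviour after the fix: the mask travels as a decimal string."""
    return xmlrpc.client.dumps((str(mask),))


def decode_mask(payload: str, maxvcpus: int) -> int:
    """Receiver side (hypothetical helper): convert the string back to int.
    Because the value now arrives as free-form text, check it before use."""
    (value,), _method = xmlrpc.client.loads(payload)
    if not isinstance(value, str):
        raise ValueError("vcpu_avail must be sent as a string")
    if not (value.isascii() and value.isdigit()) or len(value) > 64:
        raise ValueError("vcpu_avail is not a bounded decimal number")
    mask = int(value)
    if mask >> maxvcpus:
        raise ValueError("vcpu_avail has bits set beyond maxvcpus")
    return mask


if __name__ == "__main__":
    mask = vcpu_avail_mask(40)  # the case from the changelog entry
    try:
        marshal_as_int(mask)
    except OverflowError as exc:
        print("as int:", exc)
    print("as str:", decode_mask(marshal_as_str(mask), maxvcpus=40))
```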



