An update that fixes four vulnerabilities is now available.
This update for xen to version 4.10.1 fixes several issues (bsc#1027519).
These security issues were fixed:
- CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631). - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).
This non-security issue was fixed:
- Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730)
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: