xen security update

CentOS Errata and Security Advisory CESA-2013:0599

The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.

A flaw was found in the way QEMU emulated the e1000 network interface card
when the host was configured to accept jumbo network frames, and a
fully-virtualized guest using the e1000 emulated driver was not. A remote
attacker could use this flaw to crash the guest or, potentially, execute
arbitrary code with root privileges in the guest. (CVE-2012-6075)

All users of xen are advised to upgrade to these updated packages, which
correct this issue. After installing the updated packages, all running
fully-virtualized guests must be restarted for this update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081428.html

Affected packages:
xen
xen-devel
xen-libs

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0599