Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: xen-hypervisor | Distribution: Fedora Project |
Version: 4.16.2 | Vendor: Fedora Project |
Release: 1.fc37 | Build date: Sat Sep 17 18:21:37 2022 |
Group: Unspecified | Build host: buildvm-x86-05.iad2.fedoraproject.org |
Size: 64177495 | Source RPM: xen-4.16.2-1.fc37.src.rpm |
Packager: Fedora Project | |
Url: http://xen.org/ | |
Summary: Libraries for Xen tools |
This package contains the Xen hypervisor
GPLv2+ and LGPLv2+ and BSD
* Sat Sep 17 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-1 - update to xen-4.16.2 remove or adjust patches now included or superceded upstream * Tue Jul 26 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-8 - insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] (#2112223) * Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 12 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-6 - Retbleed - arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900] * Tue Jul 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-5 - Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747) * Tue Jun 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-4 - x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166] * Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 4.16.1-3 - Rebuilt for Python 3.11 (F37 build only) * Sat Jun 11 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-2 - stop building for ix86 and armv7hl due to missing build dependency - x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362] - x86 pv: Insufficient care with non-coherent mappings [ XSA-402, CVE-2022-26363, CVE-2022-26364] - additional patches so above applies cleanly * Thu Apr 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-1 - update to xen-4.16.1 remove or adjust patches now included or superceded upstream renumber patches - strip .efi file to help EFI partitions with limited space * Tue Apr 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-6 - Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357] - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361] - additional patches so above applies cleanly * Mon Mar 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-5 - fix build of xen*.efi file and package it in /usr/lib*/efi * Tue Mar 15 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-4 - Multiple speculative security issues [XSA-398] - additional patches so above applies cleanly * Sat Jan 29 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-3 - adjust build script and patches for gcc12 and package note support * Sat Jan 29 2022 Michael Young <m.a.young@durham.ac.uk> - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393, CVE-2022-23033] (#2045044) - A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034] (#2045042) - Insufficient cleanup of passed-through device IRQs [XSA-395, CVE-2022-23035] (#2045040) * Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Mon Jan 10 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-1 - update to xen-4.16.0 rebase xen.canonicalize.patch and xen.gcc11.fixes.patch drop xen.fedora.efi.build.patch which is no longer useful remove or adjust patches now included or superceded upstream update libxenstore libary versions unpackage /boot/efi/EFI/fedora/xen*.efi package xen-mceinj and xen-vmtrace - don't build qemu-traditional or pv-grub by default (following upstream) - fix some incorrect dependencies on building qemu-traditional - change grub module package dependencies from Suggests to Recommends and move to hypervisor package - rework seabios configure logic (bios.bin is no longer useful) - frontends vulnerable to backends [XSA-376] (document change only) * Tue Nov 23 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-4 - guests may exceed their designated memory limit [XSA-385, CVE-2021-28706] - PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707 CVE-2021-28708] - issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709] - certain VT-d IOMMUs may not work in shared page table mode [XSA-390, CVE-2021-28710] * Wed Oct 06 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-3 - rebuild (f36 only) for OCaml 4.13.1 * Tue Oct 05 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-2 - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) * Sun Sep 12 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-1 - update to xen-4.15.1 remove or adjust patches now included or superceded upstream update libxencall version * Wed Sep 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-7 - Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786) - bugfix for XSA-380 - stop editing grub files in /boot/efi/EFI/fedora * Wed Aug 25 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-6 - IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537) - grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520) - long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526) - inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523) - xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527) - grub x86_64-efi modules now go into /boot/grub2 * Thu Aug 12 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-5 - work around build issue with GNU ld 2.37 (#1990344) * Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.15.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jun 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-3 - xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542) - inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540) - Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531) - x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546) * Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 4.15.0-2 - Rebuilt for Python 3.10 * Wed May 05 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-1 - update to xen-4.15.0 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patch update libxendevicemodel libxenevtchn libxenforeignmemory versions /etc/bash_completion.d/xl.sh is now xl package xen-access xen-memshare xenstorepvh-stubdom.gz xl-pci-configuration.5.gz - adjust xen.ocaml.4.12.fixes.patch to work with earlier ocaml - re-copy grub modules if they have changed * Fri Mar 19 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-8 - HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610) - adjust efi test to stop build failing * Tue Mar 02 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-6 - build fixes for OCaml 4.12.0 * Tue Feb 16 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-5 - Linux: display frontend "be-alloc" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549) - arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547) * Mon Feb 01 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-4 - backport upstream zstd dom0 and guest patches - add libzstd-devel BuildRequires - add weak dependency on grub modules to improve initial boot setup * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 21 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-2 - IRQ vector leak on x86 [XSA-360] * Sun Dec 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-1 - update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches * Tue Dec 15 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 05 2020 Jeff Law <law@redhat.com> - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic * Tue Nov 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-12 - stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-11 - support zstd compressed kernels (dom0 only) based on linux kernel code * Tue Nov 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-10 - Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146) - add make as build requires * Tue Nov 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-9 - revised patch for XSA-286 (mitigating performance impact) * Fri Oct 30 2020 Jeff Law <law@redhat.com> - 4.14.0-8 - Work around gcc-11 stringop-overflow diagnostics as well * Wed Oct 28 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-7 - x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092) - simplify grub scripts (patches from Thierry Vignaud <tvignaud@redhat.com>) - some fixes for gcc 11 * Tue Oct 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-6 - x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097) - undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093) - unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088) * Tue Sep 22 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-5 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619) - Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616) - race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618) - PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587) - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588) - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617) - Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583) - out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582) - races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581) - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586)
/boot/flask /boot/flask/xenpolicy-4.16.2 /boot/xen-4.16.2.config /boot/xen-4.16.2.gz /usr/lib/debug/.build-id /usr/lib/debug/.build-id/8d /usr/lib/debug/.build-id/8d/ff6adbef898ea47126bf917793cc2818025bd1 /usr/lib/debug/.build-id/8d/ff6adbef898ea47126bf917793cc2818025bd1.debug /usr/lib/debug/xen-4.16.2.efi.map /usr/lib/debug/xen-syms-4.16.2 /usr/lib/debug/xen-syms-4.16.2.map /usr/lib64/efi/xen-4.16.2.efi /usr/lib64/efi/xen-4.16.2.notstripped.efi
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu May 9 19:58:19 2024