Change log for xen package in Ubuntu
| 1 → 75 of 200 results | First • Previous • Next • Last |
xen (4.17.3+10-g091466ba55-1.1ubuntu3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- William Grant <email address hidden> Mon, 01 Apr 2024 15:46:35 +1100
xen (4.17.3+10-g091466ba55-1.1ubuntu2) noble; urgency=medium * Add a cast to make this also work without warning on amd64. -- Steve Langasek <email address hidden> Thu, 07 Mar 2024 17:31:30 +0000
| Superseded in noble-proposed |
xen (4.17.3+10-g091466ba55-1.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1063270 -- Steve Langasek <email address hidden> Thu, 29 Feb 2024 07:08:41 +0000
Available diffs
xen (4.17.3+10-g091466ba55-1) unstable; urgency=medium
* Update to new upstream version 4.17.3+10-g091466ba55, which also contains
security fixes for the following issues:
- arm32: The cache may not be properly cleaned/invalidated (take two)
XSA-447 CVE-2023-46837
- pci: phantom functions assigned to incorrect contexts
XSA-449 CVE-2023-46839
- VT-d: Failure to quarantine devices in !HVM builds
XSA-450 CVE-2023-46840
* Note that the following XSA are not listed, because...
- XSA-448 has patches for the Linux kernel.
* Compilation with Python 3.12 has been fixed in upstream commit 4000522008
("Only compile the hypervisor with -Wdeclaration-after-statement")
(Closes: #1062048)
-- Hans van Kranenburg <email address hidden> Sun, 04 Feb 2024 13:45:17 +0100
Available diffs
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
xen (4.17.2+76-ge1f9cb16e2-1ubuntu1) noble; urgency=medium
* Do not treat declaration-after-statement warnings as errors
to avoid FTBFS with Python 3.12
-- Graham Inggs <email address hidden> Wed, 31 Jan 2024 07:08:26 +0000
| Superseded in noble-proposed |
xen (4.17.2+76-ge1f9cb16e2-1build1) noble; urgency=medium * No-change rebuild with Python 3.12 as default -- Graham Inggs <email address hidden> Sat, 20 Jan 2024 09:19:41 +0000
Available diffs
xen (4.17.2+76-ge1f9cb16e2-1) unstable; urgency=medium
* Update to new upstream version 4.17.2-76-ge1f9cb16e2, which also contains
security fixes for the following issues: (Closes: #1056928)
- x86/AMD: mismatch in IOMMU quarantine page table levels
XSA-445 CVE-2023-46835
- x86: BTC/SRSO fixes not fully effective
XSA-446 CVE-2023-46836
-- Maximilian Engelhardt <email address hidden> Wed, 29 Nov 2023 20:17:30 +0100
Available diffs
xen (4.17.2+55-g0b56bed864-1) unstable; urgency=medium
* Update to new upstream version 4.17.2+55-g0b56bed864, which also contains
security fixes for the following issues:
- arm32: The cache may not be properly cleaned/invalidated
XSA-437 CVE-2023-34321
- top-level shadow reference dropped too early for 64-bit PV guests
XSA-438 CVE-2023-34322
- x86/AMD: Divide speculative information leak
XSA-439 CVE-2023-20588
- xenstored: A transaction conflict can crash C Xenstored
XSA-440 CVE-2023-34323
- x86/AMD: missing IOMMU TLB flushing
XSA-442 CVE-2023-34326
- Multiple vulnerabilities in libfsimage disk handling
XSA-443 CVE-2023-34325
- x86/AMD: Debug Mask handling
XSA-444 CVE-2023-34327 CVE-2023-34328
* Note that the following XSA are not listed, because...
- XSA-441 has patches for the Linux kernel.
-- Hans van Kranenburg <email address hidden> Thu, 12 Oct 2023 19:25:55 +0200
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
xen (4.17.2-1) unstable; urgency=medium
* Update to new upstream version 4.17.2, which also contains
security fixes for the following issues: (Closes: #1042102)
- x86/AMD: Zenbleed
XSA-433 CVE-2023-20593
- x86/AMD: Speculative Return Stack Overflow
XSA-434 CVE-2023-20569
- x86/Intel: Gather Data Sampling
XSA-435 CVE-2022-40982
- arm: Guests can trigger a deadlock on Cortex-A77
XSA-436 CVE-2023-34320
* Note that the following XSA are not listed, because...
- XSA-432 has patches for the Linux kernel.
-- Maximilian Engelhardt <email address hidden> Sun, 20 Aug 2023 16:08:59 +0200
Available diffs
- diff from 4.17.1+2-gb773c48e36-1 to 4.17.2-1 (71.7 KiB)
xen (4.17.1+2-gb773c48e36-1) unstable; urgency=medium
* Update to new upstream version 4.17.1+2-gb773c48e36, which also contains
security fixes for the following issues:
- x86 shadow paging arbitrary pointer dereference
XSA-430 CVE-2022-42335
(Closes: #1034842)
- Mishandling of guest SSBD selection on AMD hardware
XSA-431 CVE-2022-42336
-- Maximilian Engelhardt <email address hidden> Thu, 18 May 2023 21:26:30 +0200
Available diffs
xen (4.17.0+74-g3eac216e6e-1) unstable; urgency=medium
* Update to new upstream version 4.17.0+74-g3eac216e6e, which also contains
security fixes for the following issues: (Closes: #1033297)
- x86 shadow plus log-dirty mode use-after-free
XSA-427 CVE-2022-42332
- x86/HVM pinned cache attributes mis-handling
XSA-428 CVE-2022-42333 CVE-2022-42334
- x86: speculative vulnerability in 32bit SYSCALL path
XSA-429 CVE-2022-42331
-- Maximilian Engelhardt <email address hidden> Thu, 23 Mar 2023 22:22:48 +0100
Available diffs
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
xen (4.17.0+24-g2f8851c37f-2) unstable; urgency=medium
* Upload to unstable now, since we got message from the OCaml team that we
are not bothering them while they're doing their stack rebuild.
-- Hans van Kranenburg <email address hidden> Mon, 06 Feb 2023 14:27:40 +0100
Available diffs
xen (4.17.0-1build1) lunar; urgency=medium * No-change rebuild with Python 3.11 as default -- Graham Inggs <email address hidden> Mon, 26 Dec 2022 10:08:21 +0000
Available diffs
xen (4.17.0-1) unstable; urgency=medium
* Update to new upstream version 4.17.0.
* No new security fixes are included.
* Note that the following XSA are not listed, because...
- XSA-423 and XSA-424 have patches for the Linux kernel.
* debian/control: update Standards-Version to 4.6.2
* debian/control: update Build-Depends for ocaml
-- Maximilian Engelhardt <email address hidden> Wed, 21 Dec 2022 22:34:51 +0100
Available diffs
xen (4.16.0-1~ubuntu2.1) jammy; urgency=medium * debian/control: Add libzstd-dev as Build-Depends (LP: #1998026) -- Mauricio Faria de Oliveira <email address hidden> Sat, 26 Nov 2022 19:06:42 -0300
Available diffs
- diff from 4.16.0-1~ubuntu2 to 4.16.0-1~ubuntu2.1 (479 bytes)
xen (4.16.2-1ubuntu1) kinetic; urgency=medium * debian/control: Add libzstd-dev as Build-Depends (LP: #1998026) * debian/control: update-maintainer -- Mauricio Faria de Oliveira <email address hidden> Sat, 26 Nov 2022 17:38:33 -0300
Available diffs
xen (4.16.2+90-g0d39a6d1ae-1) unstable; urgency=medium
* Update to new upstream version 4.16.2+90-g0d39a6d1ae, which also contains
security fixes for the following issues:
- Xenstore: guests can let run xenstored out of memory
XSA-326 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313 CVE-2022-42314
CVE-2022-42315 CVE-2022-42316 CVE-2022-42317 CVE-2022-42318
- Arm: unbounded memory consumption for 2nd-level page tables
XSA-409 CVE-2022-33747
- P2M pool freeing may take excessively long
XSA-410 CVE-2022-33746
- lock order inversion in transitive grant copy handling
XSA-411 CVE-2022-33748
- x86: unintended memory sharing between guests
XSA-412 CVE-2022-42327
- Xenstore: Guests can crash xenstored
XSA-414 CVE-2022-42309
- Xenstore: Guests can create orphaned Xenstore nodes
XSA-415 CVE-2022-42310
- Xenstore: Guests can cause Xenstore to not free temporary memory
XSA-416 CVE-2022-42319
- Xenstore: Guests can get access to Xenstore nodes of deleted domains
XSA-417 CVE-2022-42320
- Xenstore: Guests can crash xenstored via exhausting the stack
XSA-418 CVE-2022-42321
- Xenstore: Cooperating guests can create arbitrary numbers of nodes
XSA-419 CVE-2022-42322 CVE-2022-42323
- Oxenstored 32->31 bit integer truncation issues
XSA-420 CVE-2022-42324
- Xenstore: Guests can create arbitrary number of nodes via transactions
XSA-421 CVE-2022-42325 CVE-2022-42326
- x86: Multiple speculative security issues
XSA-422 CVE-2022-23824
* Note that the following XSA are not listed, because...
- XSA-413 applies to XAPI which is not included in Debian
* Drop the "x86/CPUID: surface suitable value in EBX of XSTATE subleaf 1"
patch again because it's included in upstream changes now.
-- Hans van Kranenburg <email address hidden> Wed, 16 Nov 2022 12:50:33 +0100
Available diffs
xen (4.16.2-2) unstable; urgency=medium
* debian/control: Add libzstd-dev as Build-Depends
* Pick upstream commit c3bd0b83ea ("x86/CPUID: surface suitable value in EBX
of XSTATE subleaf 1") to fix compatibility with Linux 5.19.
(Closes: #1020787)
-- Hans van Kranenburg <email address hidden> Wed, 28 Sep 2022 19:03:14 +0200
Available diffs
- diff from 4.16.2-1 to 4.16.2-2 (1.5 KiB)
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
xen (4.16.2-1) unstable; urgency=medium
* Update to new upstream version 4.16.2, which also contains
security fixes for the following issues:
- x86 pv: Race condition in typeref acquisition
XSA-401 CVE-2022-26362
- x86 pv: Insufficient care with non-coherent mappings
XSA-402 CVE-2022-26363 CVE-2022-26364
- Linux disk/nic frontends data leaks
XSA-403 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
Note that this XSA also contains patches that have to be applied to the
Linux kernel to make use of the new mitigations.
- x86: MMIO Stale Data vulnerabilities
XSA-404 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
- Retbleed - arbitrary speculative code execution with return instructions
XSA-407 CVE-2022-23816 CVE-2022-23825 CVE-2022-29900
- insufficient TLB flush for x86 PV guests in shadow mode
XSA-408 CVE-2022-33745
* Note that the following XSA are not listed, because...
- XSA-405 and XSA-406 have patches for the Linux kernel.
* d/.../grub.d/xen.cfg: Redirect output when running grub-mkconfig so that
we do not wrongly cause text to end up being part of the generated grub
configuration. (Closes: #1016547)
* Clean up lintian overrides that are reported as unused.
* Move comments about lintian overrides above the override line itself,
instead of being below, as instructed by the lintian documentation.
* Deal with formatting changes in lintian output, which invalidate
overrides we have. Also see Debian bug #1007002 for more information.
-- Hans van Kranenburg <email address hidden> Tue, 23 Aug 2022 13:25:38 +0200
Available diffs
- diff from 4.16.1-1 to 4.16.2-1 (41.4 KiB)
xen (4.11.3+24-g14b62ab3e5-1ubuntu2.3) focal-security; urgency=medium
* SECURITY UPDATE: Fix multiple vulnerabilities
- d/p/xsa312-4.11.patch: Place a speculation barrier sequence
following an eret instruction
- d/p/CVE-2020-11740-and-CVE-2020-11741-1.patch: clear buffer intended
to be shared with guests
- d/p/CVE-2020-11740-and-CVE-2020-11741-2.patch: limit consumption of
shared buffer data
- d/p/CVE-2020-11739.patch: Add missing memory barrier in the unlock
path of rwlock
- d/p/CVE-2020-11743.patch: Fix error path in map_grant_ref()
- d/p/CVE-2020-11742.patch: fix GNTTABOP_copy continuation handling
- d/p/CVE-2020-0543-1.patch: CPUID/MSR definitions for Special
Register Buffer Data Sampling
- d/p/CVE-2020-0543-2.patch: Mitigate the Special Register Buffer
Data Sampling sidechannel
- d/p/CVE-2020-0543-3.patch: Allow the RDRAND/RDSEED features to be
hidden
- d/p/CVE-2020-15566.patch: Don't ignore error in get_free_port()
- d/p/CVE-2020-15563.patch: correct an inverted conditional in dirty
VRAM tracking
- d/p/CVE-2020-15565-1.patch: improve IOMMU TLB flush
- d/p/CVE-2020-15565-2.patch: prune (and rename) cache flush
functions
- d/p/CVE-2020-15565-3.patch: introduce a cache sync hook
- d/p/CVE-2020-15565-4.patch: don't assume addresses are aligned in
sync_cache
- d/p/CVE-2020-15564.patch: Check the alignment of the offset passed
via VCPUOP_register_vcpu_info
- d/p/CVE-2020-15567-1.patch: ept_set_middle_entry() related
adjustments
- d/p/CVE-2020-15567-2.patch: atomically modify entries in
ept_next_level
- d/p/CVE-2020-25602.patch: Handle the Intel-specific MSR_MISC_ENABLE
correctly
- d/p/CVE-2020-25604.patch: fix race when migrating timers between
vCPUs
- d/p/CVE-2020-25595-1.patch: get rid of read_msi_msg
- d/p/CVE-2020-25595-2.patch: restrict reading of table/PBA bases
from BARs
- d/p/CVE-2020-25597.patch: relax port_is_valid()
- d/p/CVE-2020-25596.patch: Avoid double exception injection
- d/p/CVE-2020-25603.patch: Add missing barriers when
accessing/allocating an event channel
- d/p/CVE-2020-25600.patch: enforce correct upper limit for 32-bit
guests
- d/p/CVE-2020-25599-1.patch: evtchn_reset() shouldn't succeed with
still-open ports
- d/p/CVE-2020-25599-2.patch: convert per-channel lock to be IRQ-safe
- d/p/CVE-2020-25599-3.patch: address races with evtchn_reset()
- d/p/CVE-2020-25601-1.patch: arrange for preemption in
evtchn_destroy()
- d/p/CVE-2020-25601-2.patch: arrange for preemption in evtchn_reset()
- CVE-2020-11740
- CVE-2020-11741
- CVE-2020-11739
- CVE-2020-11743
- CVE-2020-11742
- CVE-2020-0543
- CVE-2020-15566
- CVE-2020-15563
- CVE-2020-15565
- CVE-2020-15564
- CVE-2020-15567
- CVE-2020-25602
- CVE-2020-25604
- CVE-2020-25595
- CVE-2020-25597
- CVE-2020-25596
- CVE-2020-25603
- CVE-2020-25600
- CVE-2020-25599
- CVE-2020-25601
-- Luís Infante da Câmara <email address hidden> Mon, 22 Aug 2022 11:20:03 +0200
xen (4.11.3+24-g14b62ab3e5-1ubuntu2.2) focal; urgency=medium
* Fix FTBFS on armhf/arm64 due to missing <asm/unaligned.h>:
- d/p/lp1956166-0006-fix-ftbfs-arm-lzo-unaligned.h.patch
Available diffs
| Superseded in focal-proposed |
xen (4.11.3+24-g14b62ab3e5-1ubuntu2.1) focal; urgency=medium * Add support for zstd compressed kernels for Dom0/DomU on x86 (LP: #1956166) - d/p/lp1956166-0001-introduce-unaligned.h.patch - d/p/lp1956166-0002-lib-introduce-xxhash.patch - d/p/lp1956166-0003-x86-Dom0-support-zstd-compressed-kernels.patch - d/p/lp1956166-0004-libxenguest-add-get_unaligned_le32.patch - d/p/lp1956166-0005-libxenguest-support-zstd-compressed-kernels.patch - d/control: add libzstd-dev as build-dep -- Mauricio Faria de Oliveira <email address hidden> Mon, 04 Jul 2022 16:02:20 -0300
Available diffs
xen (4.16.1-1) unstable; urgency=medium
* Update to new upstream version 4.16.1, which also contains security fixes
for the following issues:
- Racy interactions between dirty vram tracking and paging log dirty
hypercalls
XSA-397 CVE-2022-26356
- Multiple speculative security issues
XSA-398 (no CVE yet)
- race in VT-d domain ID cleanup
XSA-399 CVE-2022-26357
- IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
XSA-400 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
* Note that the following XSA are not listed, because...
- XSA-396 has patches for the Linux kernel.
* Don't ship NEWS in libxen* packages. Instead, only ship relevant NEWS
items for actual hypervisor and/or utils packages they belong to.
(Closes: #962267)
* d/control: make xen-hypervisor-common arch specific, just like
xen-utils-common.
* d/control: stop recommending qemu-system-x86 on arm, because qemu is not
being built with xen support on arm...
* Add a patch for tools/libs/light/Makefile which prevents build.o and
build.opic to be rebuilt unneededly during the package install phase,
causing a FTBFS because it triggers the use of ccache, which is not
allowed in the install phase of building the Debian packages.
Improvements related to Qemu integration: [Michael Tokarev]
* d/xen-utils-common.xen.init: properly disable qemu monitor/serial/parallel
devices for qemu started at boot.
* debian: switch from recommending qemu-system-x86 to qemu-system-xen and
mention this change in the NEWS file.
* Add patch "give meaningful error message if qemu device model is
unavailable" to give a useful error message only in case the domU needs
the qemu device model which is not installed, instead of giving a warning
about missing qemu even if it is not used by this domain.
Documentation, grammar and spelling fixes and improvements:
* d/control: drop obsolete paragraph about separate xen linux kernel package
* d/control: Harmonize the capitalization of the 'Xen' word [Diederik de Haas]
* d/control: Improve spelling and grammar [Diederik de Haas]`
-- Hans van Kranenburg <email address hidden> Mon, 09 May 2022 22:29:23 +0200
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
xen (4.16.0-1~ubuntu2) jammy; urgency=medium
* Merge Debian experimental/salsa, among many other changes this fixes
booting kernels with zstd compression (LP: #1956166).
Remaining changes:
- Recommend qemu-system-x86-xen
* Dropped changes:
- Additional patches to handle compiling with gcc10 [in upstream]
- Select python2 for xen-init-* scripts [Debian is on python3 now]
- Enforce python2 usage [Debian is on python3 now]
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Handle config file moving between packages [no more needed]
* Note changes already dropped in 4.11.4+24-gddaaccbbab-1ubuntu2
- Set python2 for xen-init-name and xen-init-list scripts
[in Debian]
- Force fcf-protection off when using -mindirect-branch
[fixed upstream]
- Update: Building hypervisor with cf-protection enabled
[fixed upstream]
- Strip .note.gnu.property section for intermediate files
[no more needed with the groovy toolchain]
- Add transitional packages for upgrades
[no more needed post focal]
Available diffs
| Superseded in jammy-proposed |
xen (4.16.0-1~ubuntu1) jammy; urgency=medium
* Merge Debian experimental/salsa, among many other changes this fixes
booting kernels with zstd compression (LP: #1956166).
Remaining changes:
- Recommend qemu-system-x86-xen
* Dropped changes:
- Additional patches to handle compiling with gcc10 [in upstream]
- Select python2 for xen-init-* scripts [Debian is on python3 now]
- Enforce python2 usage [Debian is on python3 now]
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Handle config file moving between packages [no more needed]
* Note changes already dropped in 4.11.4+24-gddaaccbbab-1ubuntu2
- Set python2 for xen-init-name and xen-init-list scripts
[in Debian]
- Force fcf-protection off when using -mindirect-branch
[fixed upstream]
- Update: Building hypervisor with cf-protection enabled
[fixed upstream]
- Strip .note.gnu.property section for intermediate files
[no more needed with the groovy toolchain]
- Add transitional packages for upgrades
[no more needed post focal]
-- Christian Ehrhardt <email address hidden> Tue, 18 Jan 2022 11:00:29 +0100
Available diffs
| Superseded in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
xen (4.11.4+24-gddaaccbbab-1ubuntu2) groovy; urgency=medium
[ Stefan Bader ]
* Merge from Debian/Sid. Remaining changes:
- Enforce python2 usage
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Recommend qemu-system-x86-xen
- Handle config file moving between packages
* Additional patches to handle compiling with gcc10:
- d/p/gcc10-compat/0001-x86-build32-Discard-all-orphaned-sections.patch
- d/p/gcc10-compat/0002-x86-build-Unilaterally-disable-fcf-protection.patch
- d/p/gcc10-compat/0003-tools-xenstore-mark-variable-in-header-as-extern.patch
- d/p/gcc10-compat/0004-stubdom-vtpm-add-extern-to-function-declarations.patch
- d/p/gcc10-compat/0005-kdd-stop-using-0-arrays-to-access-packet-contents.patch
- d/p/gcc10-compat/0006-kdd-fix-build-again.patch
- d/p/gcc10-compat/0010-libxlu_pci-initvar-fix.patch
- d/p/gcc10-compat/0011-xs-fake-xprintf-symbol.patch
- d/p/gcc10-compat/0012-tools-xenpmd-fix-snprintf.patch
* Dropped changes
- Set python2 for xen-init-name and xen-init-list scripts
[in Debian]
- Force fcf-protection off when using -mindirect-branch
[fixed upstream]
- Update: Building hypervisor with cf-protection enabled
[fixed upstream]
- Strip .note.gnu.property section for intermediate files
[no more needed with the groovy toolchain]
- Add transitional packages for upgrades
[no more needed post focal]
[ Christian Ehrhardt ]
* d/p/gcc10-compat/xen-arm64-force-gcc-10-to-always-inline-generic-atom.patch
-- Stefan Bader <email address hidden> Mon, 31 Aug 2020 16:59:15 +0200
Available diffs
| Superseded in groovy-proposed |
xen (4.11.4+24-gddaaccbbab-1ubuntu1) groovy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enforce python2 usage
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Set python2 for xen-init-name and xen-init-list scripts
- Recommend qemu-system-x86-xen
- Force fcf-protection off when using -mindirect-branch
- Strip .note.gnu.property section for intermediate files
- Add transitional packages for upgrades
- Handle config file moving between packages
- Update: Building hypervisor with cf-protection enabled
Available diffs
| Superseded in groovy-proposed |
xen (4.11.3+24-g14b62ab3e5-1ubuntu3) groovy; urgency=medium * Rebuild against new OCAML ABI. -- Gianfranco Costamagna <email address hidden> Mon, 24 Aug 2020 12:40:38 +0200
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
xen (4.11.3+24-g14b62ab3e5-1ubuntu2) focal; urgency=medium * Update: Building hypervisor with cf-protection enabled * Set python2 for xen-init-name and xen-init-list scripts -- Stefan Bader <email address hidden> Mon, 09 Mar 2020 16:17:56 +0100
Available diffs
xen (4.11.3+24-g14b62ab3e5-1ubuntu1) focal; urgency=medium
* Merge from Debian/Sid. Remaining changes:
- Enforce python2 usage
- Build-depend on python2-dev.
- Build using python2.
- Build-depend on lmodern.
- Recommend qemu-system-x86-xen
- Force fcf-protection off when using -mindirect-branch
- Strip .note.gnu.property section for intermediate files
- Add transitional packages for upgrades
- Handle config file moving between packages
-- Stefan Bader <email address hidden> Thu, 06 Feb 2020 15:45:33 +0100
Available diffs
xen (4.9.2-0ubuntu7) focal; urgency=medium * No-change rebuild with fixed binutils on arm64. -- Matthias Klose <email address hidden> Sat, 08 Feb 2020 11:21:18 +0000
Available diffs
- diff from 4.9.2-0ubuntu6 to 4.9.2-0ubuntu7 (313 bytes)
| Superseded in focal-release |
| Superseded in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
xen (4.9.2-0ubuntu6) focal; urgency=medium * Build-depend on python2-dev. * Depend on python2. * Build using python2. * Build-depend on lmodern. -- Matthias Klose <email address hidden> Mon, 13 Jan 2020 14:51:35 +0100
Available diffs
- diff from 4.9.2-0ubuntu2 to 4.9.2-0ubuntu6 (14.3 KiB)
| Obsolete in eoan-updates |
| Obsolete in disco-updates |
| Deleted in eoan-proposed (Reason: moved to -updates) |
| Deleted in disco-proposed (Reason: moved to -updates) |
xen (4.9.2-0ubuntu5) disco; urgency=medium * Fix FTBS in Eoan (LP: #1823441). Except the last two changes, these are all cherry picks from Xen upstream to handle gcc8 and gcc9 changes. - d/p/x86-e820-fix-build-with-gcc9.patch - d/p/x86-IO-APIC-fix-build-with-gcc9.patch - d/p/trace-fix-build-with-gcc9.patch - d/p/tools-libxc-fix-strncpy-size.patch - d/p/tools-misc-fix-hypothetical-buffer-overflow-in-xen-l.patch - d/p/tools-xentop-replace-use-of-deprecated-vwprintw.patch - d/p/tools-xenpmd-fix-possible-0-truncation.patch - d/p/xenpmd-make-32-bit-gcc-8.1-non-debug-build-work.patch - d/p/libacpi-fixes-for-iasl-20180427.patch - d/p/tools-blktap2-fix-possible-0-truncation.patch - d/p/tools-blktap2-fix-hypothetical-buffer-overflow.patch - d/p/libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch - d/p/ubuntu/flags-fcs-protect-none.patch - d/p/ubuntu/strip-note-gnu-property.patch * Fix decode failed panics with v5.2+ kernels (LP: #1851091) - d/p/0001-lz4-refine-commit-9143a6c55ef7-for-the-64-bit-case.patch - d/p/0002-lz4-pull-out-constant-tables.patch - d/p/0003-lz4-fix-system-halt-at-boot-kernel-on-x86_64.patch -- Stefan Bader <email address hidden> Wed, 11 Dec 2019 17:23:34 +0100
Available diffs
- diff from 4.9.2-0ubuntu3 to 4.9.2-0ubuntu5 (13.5 KiB)
- diff from 4.9.2-0ubuntu2 to 4.9.2-0ubuntu5 (13.4 KiB)
| Deleted in eoan-proposed (Reason: FTBFS; will be replaced by a copy-forward from disco in t...) |
xen (4.9.2-0ubuntu3) eoan; urgency=medium * No-change upload with strops.h and sys/strops.h removed in glibc. -- Matthias Klose <email address hidden> Thu, 05 Sep 2019 11:16:44 +0000
Available diffs
- diff from 4.9.2-0ubuntu2 to 4.9.2-0ubuntu3 (328 bytes)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
xen (4.9.2-0ubuntu2) cosmic; urgency=medium * No-change rebuild for ncurses soname changes. -- Matthias Klose <email address hidden> Thu, 03 May 2018 14:20:24 +0000
Available diffs
- diff from 4.9.2-0ubuntu1 to 4.9.2-0ubuntu2 (328 bytes)
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
xen (4.9.2-0ubuntu1) bionic; urgency=medium * Update to upstream 4.9.2 release (LP: #1763354). Changes include numerous bugfixes, including security fixes/updates. 4.9.0 -> 4.9.1: - XSA-226 / CVE-2017-12135 (replacement) - XSA-227 / CVE-2017-12137 (replacement) - XSA-228 / CVE-2017-12136 (replacement) - XSA-230 / CVE-2017-12855 (replacement) - XSA-231 / CVE-2017-14316 (replacement) - XSA-232 / CVE-2017-14318 (replacement) - XSA-233 / CVE-2017-14317 (replacement) - XSA-234 / CVE-2017-14319 (replacement) - XSA-235 / CVE-2017-15596 (replacement) - XSA-236 / CVE-2017-15597 (new) - XSA-237 / CVE-2017-15590 (replacement) - XSA-238 / CVE-2017-15591 (replacement) - XSA-239 / CVE-2017-15589 (replacement) - XSA-240 / CVE-2017-15595 (update) - XSA-241 / CVE-2017-15588 (replacement) - XSA-242 / CVE-2017-15593 (replacement) - XSA-243 / CVE-2017-15592 (replacement) - XSA-244 / CVE-2017-15594 (replacement) - XSA-245 / CVE-2017-17046 (replacement) 4.9.1 -> 4.9.2: - XSA-246 / CVE-2017-17044 (new) - XSA-247 / CVE-2017-17045 (new) - XSA-248 / CVE-2017-17566 (new) - XSA-249 / CVE-2017-17563 (new) - XSA-250 / CVE-2017-17564 (new) - XSA-251 / CVE-2017-17565 (new) - XSA-252 / CVE-2018-7540 (new) - XSA-254 / CVE-2017-5754 (new / XPTI Meltdown mitigation) - XSA-255 / CVE-2018-7541 (new) - XSA-256 / CVE-2018-7542 (new) * Dropped: d/p/ubuntu/tools-fix-ftbs-arm.patch (upstream) -- Stefan Bader <email address hidden> Thu, 12 Apr 2018 11:54:57 +0200
Available diffs
- diff from 4.9.0-0ubuntu4 to 4.9.2-0ubuntu1 (435.6 KiB)
xen (4.9.0-0ubuntu4) bionic; urgency=medium * Compile and ship vhd-util. * Add dh-python to build-depends. -- Dimitri John Ledkov <email address hidden> Fri, 06 Apr 2018 17:35:43 +0100
Available diffs
xen (4.4.2-0ubuntu0.14.04.14) trusty-security; urgency=medium
* Applying Xen Security Advisories:
- CVE-2017-14316 / XSA-231
- xen/mm: make sure node is less than MAX_NUMNODES
- CVE-2017-14317 / XSA-233
- tools/xenstore: dont unlink connection object twice
- CVE-2017-14319 / XSA-234
- gnttab: also validate PTE permissions upon destroy/replace
- XSA-235
- arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
- XSA-237
- x86: don't allow MSI pIRQ mapping on unowned device
- x86: enforce proper privilege when (un)mapping pIRQ-s
- x86/MSI: disallow redundant enabling
- x86/MSI: fix error handling
- x86/IRQ: conditionally preserve irq <-> pirq mapping on map error
paths
- x86/FLASK: fix unmap-domain-IRQ XSM hook
- XSA-239
- x86/HVM: prefill partially used variable on emulation paths
- XSA-240
- x86: limit linear page table use to a single level
- x86/mm: Disable PV linear pagetables by default
- XSA-241
- x86: don't store possibly stale TLB flush time stamp
- XSA-242
- x86: don't allow page_unlock() to drop the last type reference
- XSA-243
- x86: Disable the use of auto-translated PV guestsx86: Disable the use
of auto-translated PV guests
- x86/shadow: Don't create self-linear shadow mappings for 4-level
translated guests
- XSA-244
- x86/cpu: Fix IST handling during PCPU bringup
Available diffs
xen (4.6.5-0ubuntu1.4) xenial-security; urgency=medium
* Applying Xen Security Advisories:
- CVE-2017-14316 / XSA-231
- xen/mm: make sure node is less than MAX_NUMNODES
- CVE-2017-14318 / XSA-232
- grant_table: fix GNTTABOP_cache_flush handling
- CVE-2017-14317 / XSA-233
- tools/xenstore: dont unlink connection object twice
- CVE-2017-14319 / XSA-234
- gnttab: also validate PTE permissions upon destroy/replace
- XSA-235
- arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
- XSA-237
- x86: don't allow MSI pIRQ mapping on unowned device
- x86: enforce proper privilege when (un)mapping pIRQ-s
- x86/MSI: disallow redundant enabling
- x86/IRQ: conditionally preserve irq <-> pirq mapping on map error
paths
- x86/FLASK: fix unmap-domain-IRQ XSM hook
- XSA-238
- x86/ioreq server: correctly handle bogus
XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
- XSA-239
- x86/HVM: prefill partially used variable on emulation paths
- XSA-240
- x86: limit linear page table use to a single level
- x86/mm: Disable PV linear pagetables by default
- XSA-241
- x86: don't store possibly stale TLB flush time stamp
- XSA-242
- x86: don't allow page_unlock() to drop the last type reference
- XSA-243
- x86: Disable the use of auto-translated PV guestsx86: Disable the use
of auto-translated PV guests
- x86/shadow: Don't create self-linear shadow mappings for 4-level
translated guests
- XSA-244
- x86/cpu: Fix IST handling during PCPU bringup
- XSA-245
- xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
- xen/arm: Correctly report the memory region in the dummy NUMA helpers
Available diffs
xen (4.8.0-1ubuntu2.4) zesty-security; urgency=medium
* Applying Xen Security Advisories:
- CVE-2017-14316 / XSA-231
- xen/mm: make sure node is less than MAX_NUMNODES
- CVE-2017-14318 / XSA-232
- grant_table: fix GNTTABOP_cache_flush handling
- CVE-2017-14317 / XSA-233
- tools/xenstore: dont unlink connection object twice
- CVE-2017-14319 / XSA-234
- gnttab: also validate PTE permissions upon destroy/replace
- XSA-235
- arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
- XSA-237
- x86: don't allow MSI pIRQ mapping on unowned device
- x86: enforce proper privilege when (un)mapping pIRQ-s
- x86/MSI: disallow redundant enabling
- x86/IRQ: conditionally preserve irq <-> pirq mapping on map error
paths
- x86/FLASK: fix unmap-domain-IRQ XSM hook
- XSA-238
- x86/ioreq server: correctly handle bogus
XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
- XSA-239
- x86/HVM: prefill partially used variable on emulation paths
- XSA-240
- x86: limit linear page table use to a single level
- x86/mm: Disable PV linear pagetables by default
- XSA-241
- x86: don't store possibly stale TLB flush time stamp
- XSA-242
- x86: don't allow page_unlock() to drop the last type reference
- XSA-243
- x86/shadow: Don't create self-linear shadow mappings for 4-level
translated guests
- XSA-244
- x86/cpu: Fix IST handling during PCPU bringup
- XSA-245
- xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
- xen/arm: Correctly report the memory region in the dummy NUMA helpers
Available diffs
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
xen (4.9.0-0ubuntu3) artful; urgency=medium
* Applying Xen Security Advisories:
- CVE-2017-12135 / XSA-226
- Revert: grant_table: Default to v1, and disallow transitive grants
- gnttab: don't use possibly unbounded tail calls
- gnttab: fix transitive grant handling
- CVE-2017-14316 / XSA-231
- xen/mm: make sure node is less than MAX_NUMNODES
- CVE-2017-14318 / XSA-232
- grant_table: fix GNTTABOP_cache_flush handling
- CVE-2017-14317 / XSA-233
- tools/xenstore: dont unlink connection object twice
- CVE-2017-14319 / XSA-234
- gnttab: also validate PTE permissions upon destroy/replace
- XSA-235
- arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
- XSA-237
- x86: don't allow MSI pIRQ mapping on unowned device
- x86: enforce proper privilege when (un)mapping pIRQ-s
- x86/MSI: disallow redundant enabling
- x86/IRQ: conditionally preserve irq <-> pirq mapping on map error paths
- x86/FLASK: fix unmap-domain-IRQ XSM hook
- XSA-238
- x86/ioreq server: correctly handle bogus
XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
- XSA-239
- x86/HVM: prefill partially used variable on emulation paths
- XSA-240
- x86: limit linear page table use to a single level
- x86/mm: Disable PV linear pagetables by default
- XSA-241
- x86: don't store possibly stale TLB flush time stamp
- XSA-242
- x86: don't allow page_unlock() to drop the last type reference
- XSA-243
- x86/shadow: Don't create self-linear shadow mappings for 4-level
translated guests
- XSA-244
- x86/cpu: Fix IST handling during PCPU bringup
- XSA-245
- xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
- xen/arm: Correctly report the memory region in the dummy NUMA helpers
-- Stefan Bader <email address hidden> Tue, 10 Oct 2017 11:24:52 +0200
Available diffs
- diff from 4.9.0-0ubuntu2 to 4.9.0-0ubuntu3 (25.9 KiB)
xen (4.9.0-0ubuntu2) artful; urgency=medium * Add libxendevicemodel references to d/libxen-dev.install
Available diffs
- diff from 4.8.0-1ubuntu2 to 4.9.0-0ubuntu2 (1.2 MiB)
- diff from 4.9.0-0ubuntu1 to 4.9.0-0ubuntu2 (503 bytes)
| Superseded in artful-proposed |
xen (4.9.0-0ubuntu1) artful; urgency=medium
* Update to upstream 4.9.0 release.
Changes include numerous bugfixes, including security fixes for:
XSA-213 / CVE-2017-8903
XSA-214 / CVE-2017-8904
XSA-217 / CVE-2017-10912
XSA-218 / CVE-2017-10913, CVE-2017-10914
XSA-219 / CVE-2017-10915
XSA-220 / CVE-2017-10916
XSA-221 / CVE-2017-10917
XSA-222 / CVE-2017-10918
XSA-223 / CVE-2017-10919
XSA-224 / CVE-2017-10920, CVE-2017-10921, CVE-2017-10922
XSA-225 / CVE-2017-10923
* Additional CVE's:
- XSA-226 / CVE-2017-12135
- XSA-227 / CVE-2017-12137
- XSA-228 / CVE-2017-12136
- XSA-230 / CVE-2017-12855
* Additional fixes:
- debian/rules.real:
- Add a call to build common tool headers
- Add a call to install common tool headers
- Add checking of return values of asprintf calls.
- d/p/ubuntu/tools-xs-test-hardening.patch
- Add additional modifications for new libxendevicemodel
- d/p/ubuntu/tools-libs-abiname.diff
- Fix a segmentation fault when mmio_hole is set in hvm.cfg (from 4.9.y)
- d/p/upstream-4.9.1-tools-libxl-Fix-a-segment-fault-when-mmio_hole...
- Enable Local MCE feature
- d/p/.../0001-x86-mce-make-mce-barriers-private-to-their-users.patch
- d/p/.../0002-x86-mce-make-found_error-and-mce_fatal_cpus-private-.patch
- d/p/.../0003-x86-mce-fix-comment-of-struct-mc_telem_cpu_ctl.patch
- d/p/.../0004-x86-mce-allow-mce_barrier_-enter-exit-to-return-with.patch
- d/p/.../0005-x86-mce-handle-host-LMCE.patch
- d/p/.../0006-x86-mce_intel-detect-and-enable-LMCE-on-Intel-host.patch
- d/p/.../0007-x86-domctl-generalize-the-restore-of-vMCE-parameters.patch
- d/p/.../0008-x86-vmce-emulate-MSR_IA32_MCG_EXT_CTL.patch
- d/p/.../0009-x86-vmce-enable-injecting-LMCE-to-guest-on-Intel-hos.patch
- d/p/.../0010-x86-vmx-expose-LMCE-feature-via-guest-MSR_IA32_FEATU.patch
- d/p/.../0011-x86-vmce-tools-libxl-expose-LMCE-capability-in-guest.patch
- d/p/.../0012-x86-mce-add-support-of-vLMCE-injection-to-XEN_MC_inj.patch
- Re-introduce (fake) xs_restrict call to keep libxenstore version at
3.0 for now.
- d/p/ubuntu/tools-fake-xs-restrict.patch
- debian/libxenstore3.0.symbols:
- Added xs_control_command
- xen-4.9.0/debian/xen-hypervisor-4.9.xen.cfg:
- Modified GRUB_DEFAULT setting to be dynamic (like update-grub does)
which should handle non English environments (LP: #1321144)
-- Stefan Bader <email address hidden> Thu, 17 Aug 2017 11:37:11 +0200
Available diffs
xen (4.6.5-0ubuntu1.2) xenial-security; urgency=low
* Applying Xen Security Advisories:
- XSA-217
- x86/mm: disallow page stealing from HVM domains
- XSA-218
- IOMMU: handle IOMMU mapping and unmapping failures
- gnttab: fix unmap pin accounting race
- gnttab: Avoid potential double-put of maptrack entry
- gnttab: correct maptrack table accesses
- XSA-219
- 86/shadow: Hold references for the duration of emulated writes
- XSA-220
- x86: avoid leaking PKRU and BND* between vCPU-s
- XSA-221
- evtchn: avoid NULL derefs
- XSA-222
- xen/memory: Fix return value handing of guest_remove_page()
- guest_physmap_remove_page() needs its return value checked
- XSA-223
- arm: vgic: Don't update the LR when the IRQ is not enabled
- XSA-224
- gnttab: Fix handling of dev_bus_addr during unmap
- gnttab: never create host mapping unless asked to
- gnttab: correct logic to get page references during map requests
- gnttab: __gnttab_unmap_common_complete() is all-or-nothing
- XSA-225
- xen/arm: vgic: Sanitize target mask used to send SGI
-- Stefan Bader <email address hidden> Tue, 04 Jul 2017 11:28:24 +0200
Available diffs
xen (4.4.2-0ubuntu0.14.04.12) trusty-security; urgency=low
* Applying Xen Security Advisories:
- XSA-217
- x86/mm: disallow page stealing from HVM domains
- XSA-218
- IOMMU: handle IOMMU mapping and unmapping failures
- gnttab: fix unmap pin accounting race
- gnttab: Avoid potential double-put of maptrack entry
- gnttab: correct maptrack table accesses
- XSA-219
- 86/shadow: Hold references for the duration of emulated writes
- XSA-221
- evtchn: avoid NULL derefs
- XSA-222
- xen/memory: Fix return value handing of guest_remove_page()
- guest_physmap_remove_page() needs its return value checked
- XSA-224
- gnttab: Fix handling of dev_bus_addr during unmap
- gnttab: never create host mapping unless asked to
- gnttab: correct logic to get page references during map requests
- gnttab: __gnttab_unmap_common_complete() is all-or-nothing
-- Stefan Bader <email address hidden> Tue, 04 Jul 2017 12:20:19 +0200
Available diffs
xen (4.7.2-0ubuntu1.3) yakkety-security; urgency=low
* Applying Xen Security Advisories:
- XSA-217
- x86/mm: disallow page stealing from HVM domains
- XSA-218
- IOMMU: handle IOMMU mapping and unmapping failures
- gnttab: fix unmap pin accounting race
- gnttab: Avoid potential double-put of maptrack entry
- gnttab: correct maptrack table accesses
- XSA-219
- 86/shadow: Hold references for the duration of emulated writes
- XSA-220
- x86: avoid leaking PKRU and BND* between vCPU-s
- XSA-221
- evtchn: avoid NULL derefs
- XSA-222
- xen/memory: Fix return value handing of guest_remove_page()
- guest_physmap_remove_page() needs its return value checked
- XSA-223
- arm: vgic: Don't update the LR when the IRQ is not enabled
- XSA-224
- gnttab: Fix handling of dev_bus_addr during unmap
- gnttab: never create host mapping unless asked to
- gnttab: correct logic to get page references during map requests
- gnttab: __gnttab_unmap_common_complete() is all-or-nothing
- XSA-225
- xen/arm: vgic: Sanitize target mask used to send SGI
-- Stefan Bader <email address hidden> Mon, 03 Jul 2017 16:12:19 +0200
Available diffs
xen (4.8.0-1ubuntu2.2) zesty-security; urgency=low
* Applying Xen Security Advisories:
- XSA-217
- x86/mm: disallow page stealing from HVM domains
- XSA-218
- gnttab: fix unmap pin accounting race
- gnttab: Avoid potential double-put of maptrack entry
- gnttab: correct maptrack table accesses
- XSA-219
- 86/shadow: Hold references for the duration of emulated writes
- XSA-220
- x86: avoid leaking PKRU and BND* between vCPU-s
- XSA-221
- evtchn: avoid NULL derefs
- XSA-222
- xen/memory: Fix return value handing of guest_remove_page()
- guest_physmap_remove_page() needs its return value checked
- XSA-223
- arm: vgic: Don't update the LR when the IRQ is not enabled
- XSA-224
- gnttab: Fix handling of dev_bus_addr during unmap
- gnttab: never create host mapping unless asked to
- gnttab: correct logic to get page references during map requests
- gnttab: __gnttab_unmap_common_complete() is all-or-nothing
- XSA-225
- xen/arm: vgic: Sanitize target mask used to send SGI
-- Stefan Bader <email address hidden> Mon, 03 Jul 2017 12:04:40 +0200
Available diffs
xen (4.7.2-0ubuntu1.2) yakkety-security; urgency=low
* Applying Xen Security Advisories:
- XSA-206
* xenstored: apply a write transaction rate limit
* xenstored: Log when the write transaction rate limit bites
* oxenstored: comments explaining some variables
* oxenstored: handling of domain conflict-credit
* oxenstored: ignore domains with no conflict-credit
* oxenstored: add transaction info relevant to history-tracking
* oxenstored: support commit history tracking
* oxenstored: only record operations with side-effects in history
* oxenstored: discard old commit-history on txn end
* oxenstored: track commit history
* oxenstored: blame the connection that caused a transaction conflict
* oxenstored: allow self-conflicts
* oxenstored: do not commit read-only transactions
* oxenstored: don't wake to issue no conflict-credit
* oxenstored transaction conflicts: improve logging
* oxenstored: trim history in the frequent_ops function
- CVE-2017-7228 / XSA-212
* memory: properly check guest memory ranges in XENMEM_exchange handling
- XSA-213
* multicall: deal with early exit conditions
- XSA-214
* x86: discard type information when stealing pages
-- Stefan Bader <email address hidden> Tue, 09 May 2017 15:31:32 +0200
Available diffs
xen (4.4.2-0ubuntu0.14.04.11) trusty-security; urgency=low
* Applying Xen Security Advisories:
- XSA-206
* xenstored: apply a write transaction rate limit
* xenstored: Log when the write transaction rate limit bites
* oxenstored: exempt dom0 from domU node quotas
* oxenstored: perform a 3-way merge of the quota after a transaction
* oxenstored: catch the error when a connection is already deleted
* oxenstored: use hash table to store socket connections
* oxenstored: enable domain connection indexing based on eventchn port
* oxenstored: only process domain connections that notify us by events
* oxenstored: add a safe net mechanism for existing ill-behaved clients
* oxenstored: refactor putting response on wire
* oxenstored: remove some unused parameters
* oxenstored: refactor request processing
* oxenstored: keep track of each transaction's operations
* oxenstored: move functions that process simple operations
* oxenstored: replay transaction upon conflict
* oxenstored: log request and response during transaction replay
* oxenstored: allow compilation prior to OCaml 3.12.0
* oxenstored: comments explaining some variables
* oxenstored: handling of domain conflict-credit
* oxenstored: ignore domains with no conflict-credit
* oxenstored: add transaction info relevant to history-tracking
* oxenstored: support commit history tracking
* oxenstored: only record operations with side-effects in history
* oxenstored: discard old commit-history on txn end
* oxenstored: track commit history
* oxenstored: blame the connection that caused a transaction conflict
* oxenstored: allow self-conflicts
* oxenstored: do not commit read-only transactions
* oxenstored: don't wake to issue no conflict-credit
* oxenstored transaction conflicts: improve logging
* oxenstored: trim history in the frequent_ops function
- XSA-207
* IOMMU: always call teardown callback
- CVE-2017-2615 / XSA-208
* CVE-2014-8106: cirrus: fix blit region check
* cirrus: fix oob access issue (CVE-2017-2615)
- CVE-2017-2620 / XSA-209
* cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
- CVE-2016-9603 / XSA-211
* cirrus/vnc: zap drop bitblit support from console code.
- CVE-2017-7228 / XSA-212
* memory: properly check guest memory ranges in XENMEM_exchange handling
- XSA-213
* multicall: deal with early exit conditions
- XSA-214
* x86: discard type information when stealing pages
- XSA-215
* x86: correct create_bounce_frame
-- Stefan Bader <email address hidden> Tue, 09 May 2017 10:13:50 +0200
Available diffs
xen (4.6.5-0ubuntu1.1) xenial-security; urgency=low
* Applying Xen Security Advisories:
- XSA-206
* xenstored: apply a write transaction rate limit
* xenstored: Log when the write transaction rate limit bites
* oxenstored: refactor putting response on wire
* oxenstored: remove some unused parameters
* oxenstored: refactor request processing
* oxenstored: keep track of each transaction's operations
* oxenstored: move functions that process simple operations
* oxenstored: replay transaction upon conflict
* oxenstored: log request and response during transaction replay
* oxenstored: allow compilation prior to OCaml 3.12.0
* oxenstored: comments explaining some variables
* oxenstored: handling of domain conflict-credit
* oxenstored: ignore domains with no conflict-credit
* oxenstored: add transaction info relevant to history-tracking
* oxenstored: support commit history tracking
* oxenstored: only record operations with side-effects in history
* oxenstored: discard old commit-history on txn end
* oxenstored: track commit history
* oxenstored: blame the connection that caused a transaction conflict
* oxenstored: allow self-conflicts
* oxenstored: do not commit read-only transactions
* oxenstored: don't wake to issue no conflict-credit
* oxenstored transaction conflicts: improve logging
* oxenstored: trim history in the frequent_ops function
- CVE-2017-7228 / XSA-212
* memory: properly check guest memory ranges in XENMEM_exchange handling
- XSA-213
* multicall: deal with early exit conditions
- XSA-214
* x86: discard type information when stealing pages
- XSA-215
* x86: correct create_bounce_frame
-- Stefan Bader <email address hidden> Tue, 09 May 2017 15:09:37 +0200
Available diffs
xen (4.8.0-1ubuntu2.1) zesty-security; urgency=low
* Applying Xen Security Advisories:
- XSA-206
* xenstored: apply a write transaction rate limit
* xenstored: Log when the write transaction rate limit bites
* oxenstored: comments explaining some variables
* oxenstored: handling of domain conflict-credit
* oxenstored: ignore domains with no conflict-credit
* oxenstored: add transaction info relevant to history tracking
* oxenstored: support commit history tracking
* oxenstored: only record operations with side-effects in history
* oxenstored: discard old commit-history on txn end
* oxenstored: track commit history
* oxenstored: blame the connection that caused a transaction conflict
* oxenstored: allow self-conflicts
* oxenstored: do not commit read-only transactions
* oxenstored: don't wake to issue no conflict-credit
* oxenstored transaction conflicts: improve logging
* oxenstored: trim history in the frequent_ops function
- XSA-207
* IOMMU: always call teardown callback
- XSA-210
* arm/p2m: remove the page from p2m->pages list before freeing it
- CVE-2017-7228 / XSA-212
* memory: properly check guest memory ranges in XENMEM_exchange handling
- XSA-213
* multicall: deal with early exit conditions
- XSA-214
* x86: discard type information when stealing pages
-- Stefan Bader <email address hidden> Tue, 09 May 2017 09:48:32 +0200
Available diffs
xen (4.4.2-0ubuntu0.14.04.10) trusty; urgency=medium
* Backport upstream change to fix TSC_ADJUST MSR handling in HVM
guests running on Intel based hosts (LP: #1671760)
-- Stefan Bader <email address hidden> Tue, 14 Mar 2017 11:17:48 +0100
Available diffs
xen (4.6.5-0ubuntu1) xenial; urgency=medium * Rebasing to upstream stable release 4.6.5 (LP: #1671864) https://www.xenproject.org/downloads/xen-archives/xen-46-series.html - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel hosts which support the TSC_ADJUST MSR (LP: #1671760) - Additional security relevant changes: * CVE-2013-2076 / XSA-052 (update) - Information leak on XSAVE/XRSTOR capable AMD CPUs * CVE-2016-7093 / XSA-186 (4.6.3 became vulnerable) - x86: Mishandling of instruction pointer truncation during emulation * XSA-207 - memory leak when destroying guest without PT devices - Replacing the following security fixes with the versions from the stable update: * CVE-2015-7812 / XSA-145 - arm: Host crash when preempting a multicall * CVE-2015-7813 / XSA-146 - arm: various unimplemented hypercalls log without rate limiting * CVE-2015-7814 / XSA-147 - arm: Race between domain destruction and memory allocation decrease * CVE-2015-7835 / XSA-148 - x86: Uncontrolled creation of large page mappings by PV guests * CVE-2015-7969 / XSA-149, XSA-151 - leak of main per-domain vcpu pointer array - x86: leak of per-domain profiling-related vcpu pointer array * CVE-2015-7970 / XSA-150 - x86: Long latency populate-on-demand operation is not preemptible * CVE-2015-7971 / XSA-152 - x86: some pmu and profiling hypercalls log without rate limiting * CVE-2015-7972 / XSA-153 - x86: populate-on-demand balloon size inaccuracy can crash guests * CVE-2016-2270 / XSA-154 - x86: inconsistent cachability flags on guest mappings * CVE-2015-8550 / XSA-155 - paravirtualized drivers incautious about shared memory contents * CVE-2015-5307, CVE-2015-8104 / XSA-156 - x86: CPU lockup during exception delivery * CVE-2015-8338 / XSA-158 - long running memory operations on ARM * CVE-2015-8339, CVE-2015-8340 / XSA-159 XENMEM_exchange error handling issues * CVE-2015-8341 / XSA-160 - libxl leak of pv kernel and initrd on error * CVE-2015-8555 / XSA-165 - information leak in legacy x86 FPU/XMM initialization * XSA-166 - ioreq handling possibly susceptible to multiple read issue * CVE-2016-1570 / XSA-167 - PV superpage functionality missing sanity checks * CVE-2016-1571 / XSA-168 - VMX: intercept issue with INVLPG on non-canonical address * CVE-2015-8615 / XSA-169 - x86: unintentional logging upon guest changing callback method * CVE-2016-2271 / XSA-170 - VMX: guest user mode may crash guest with non-canonical RIP * CVE-2016-3158, CVE-2016-3159 / XSA-172 - broken AMD FPU FIP/FDP/FOP leak workaround * CVE-2016-3960 / XSA-173 - x86 shadow pagetables: address width overflow * CVE-2016-4962 / XSA-175 - Unsanitised guest input in libxl device handling code * CVE-2016-4480 / XSA-176 - x86 software guest page walk PS bit handling flaw * CVE-2016-4963 / XSA-178 - Unsanitised driver domain input in libxl device handling * CVE-2016-5242 / XSA-181 - arm: Host crash caused by VMID exhaustion * CVE-2016-6258 / XSA-182 - x86: Privilege escalation in PV guests * CVE-2016-6259 / XSA-183 - x86: Missing SMAP whitelisting in 32-bit exception / event delivery * CVE-2016-7092 / XSA-185 - x86: Disallow L3 recursive pagetable for 32-bit PV guests * CVE-2016-7094 / XSA-187 - x86 HVM: Overflow of sh_ctxt->seg_reg[] * CVE-2016-7777 / XSA-190 - CR0.TS and CR0.EM not always honored for x86 HVM guests * CVE-2016-9386 / XSA-191 - x86 null segments not always treated as unusable * CVE-2016-9382 / XSA-192 - x86 task switch to VM86 mode mis-handled * CVE-2016-9385 / XSA-193 - x86 segment base write emulation lacking canonical address checks * CVE-2016-9383 / XSA-195 - x86 64-bit bit test instruction emulation broken * CVE-2016-9377, CVE-2016-9378 / XSA-196 - x86 software interrupt injection mis-handled * CVE-2016-9379, CVE-2016-9380 / XSA-198 - delimiter injection vulnerabilities in pygrub * CVE-2016-9932 / XSA-200 - x86 CMPXCHG8B emulation fails to ignore operand size override * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201 - ARM guests may induce host asynchronous abort * CVE-2016-10024 / XSA-202 - x86 PV guests may be able to mask interrupts * CVE-2016-10025 / XSA-203 - x86: missing NULL pointer check in VMFUNC emulation * CVE-2016-10013 / XSA-204 - x86: Mishandling of SYSCALL singlestep during emulation -- Stefan Bader <email address hidden> Tue, 14 Mar 2017 16:08:39 +0100
Available diffs
xen (4.7.2-0ubuntu1) yakkety; urgency=medium * Rebasing to upstream stable release 4.7.2 (LP: #1672767) https://www.xenproject.org/downloads/xen-archives/xen-47-series.html - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel hosts which support the TSC_ADJUST MSR (LP: #1671760) - Dropping: d/p/preup-tools-fix-linear-p2m-save.patch which is part of the stable update. - Additional security relevant changes: * XSA-207 - memory leak when destroying guest without PT devices - Replacing the following security fixes with the versions from the stable update: * CVE-2016-6258 / XSA-182 - x86: Privilege escalation in PV guests * CVE-2016-6259 / XSA-183 - x86: Missing SMAP whitelisting in 32-bit exception / event delivery * CVE-2016-7092 / XSA-185 - x86: Disallow L3 recursive pagetable for 32-bit PV guests * CVE-2016-7093 / XSA-186 - x86: Mishandling of instruction pointer truncation during emulation * CVE-2016-7094 / XSA-187 - x86 HVM: Overflow of sh_ctxt->seg_reg[] * CVE-2016-7777 / XSA-190 - CR0.TS and CR0.EM not always honored for x86 HVM guests * CVE-2016-9386 / XSA-191 - x86 null segments not always treated as unusable * CVE-2016-9382 / XSA-192 - x86 task switch to VM86 mode mis-handled * CVE-2016-9385 / XSA-193 - x86 segment base write emulation lacking canonical address checks * CVE-2016-9384 / XSA-194 - guest 32-bit ELF symbol table load leaking host data * CVE-2016-9383 / XSA-195 - x86 64-bit bit test instruction emulation broken * CVE-2016-9377, CVE-2016-9378 / XSA-196 - x86 software interrupt injection mis-handled * CVE-2016-9379, CVE-2016-9380 / XSA-198 - delimiter injection vulnerabilities in pygrub * CVE-2016-9932 / XSA-200 - x86 CMPXCHG8B emulation fails to ignore operand size override * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201 - ARM guests may induce host asynchronous abort * CVE-2016-10024 / XSA-202 - x86 PV guests may be able to mask interrupts * CVE-2016-10025 / XSA-203 - x86: missing NULL pointer check in VMFUNC emulation * CVE-2016-10013 / XSA-204 - x86: Mishandling of SYSCALL singlestep during emulation * Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670). -- Stefan Bader <email address hidden> Tue, 14 Mar 2017 15:45:59 +0100
Available diffs
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
xen (4.8.0-1ubuntu2) zesty; urgency=medium
* Cherry-pick upstream change to fix TSC_ADJUST MSR handling in HVM
guests running on Intel based hosts (LP: #1671760)
-- Stefan Bader <email address hidden> Tue, 14 Mar 2017 09:27:04 +0100
Available diffs
xen (4.8.0-1ubuntu1) zesty; urgency=medium
* Merge from Debian unstable. Remaining changes:
- Add transitional package definitions to debian/control and
debian/rules.gen (force hypervisor upgrade).
- Split xen.init into xenstored.init and xen.init
* xen.init depends in xenstored.init and optionally schedules itself
before libvirtd.
* xenstored.init additionally modprobes xen-acpi-processor
- Remove update-alternatives call from xen utils (postinst/prerm) scripts.
- Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into
debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670).
-- Stefan Bader <email address hidden> Thu, 26 Jan 2017 12:40:13 +0100
Available diffs
- diff from 4.7.0-0ubuntu2 to 4.8.0-1ubuntu1 (723.7 KiB)
xen (4.4.2-0ubuntu0.14.04.9) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-9386 / XSA-191
* x86/hvm: Fix the handling of non-present segments
- CVE-2016-9382 / XSA-192
* x86/HVM: don't load LDTR with VM86 mode attrs during task switch
- CVE-2016-9385 / XSA-193
* x86/PV: writes of %fs and %gs base MSRs require canonical addresses
- CVE-2016-9383 / XSA-195
* x86emul: fix huge bit offset handling
- CVE-2016-9381 / XSA-197
* xen: fix ioreq handling
- CVE-2016-9379, CVE-2016-9380 / XSA-198
* pygrub: Properly quote results, when returning them to the caller
- CVE-2016-9637 / XSA-199
* qemu: ioport_read, ioport_write: be defensive about 32-bit addresses
- CVE-2016-9932 / XSA-200
* x86emul: CMPXCHG8B ignores operand size prefix
- CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA.201
* arm64: handle guest-generated EL1 asynchronous abort
* arm64: handle async aborts delivered while at EL2
* arm: crash the guest when it traps on external abort
* arm32: handle async aborts delivered while at HYP
- CVE-2016-10024 / XSA-202
* x86: force EFLAGS.IF on when exiting to PV guests
- CVE-2016-10013 / XSA-204
* x86/emul: Correct the handling of eflags with SYSCALL
-- Stefan Bader <email address hidden> Tue, 10 Jan 2017 16:47:39 +0100
Available diffs
xen (4.6.0-1ubuntu4.3) xenial-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-9386 / XSA-191
* x86/hvm: Fix the handling of non-present segments
- CVE-2016-9382 / XSA-192
* x86/HVM: don't load LDTR with VM86 mode attrs during task switch
- CVE-2016-9385 / XSA-193
* x86/PV: writes of %fs and %gs base MSRs require canonical addresses
- CVE-2016-9383 / XSA-195
* x86emul: fix huge bit offset handling
- CVE-2016-9377, CVE-2016-9378 / XSA-196
* x86/emul: Correct the IDT entry calculation in inject_swint()
* x86/svm: Fix injection of software interrupts
- CVE-2016-9379, CVE-2016-9380 / XSA-198
* pygrub: Properly quote results, when returning them to the caller
- CVE-2016-9932 / XSA-200
* x86emul: CMPXCHG8B ignores operand size prefix
- CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA.201
* arm64: handle guest-generated EL1 asynchronous abort
* arm64: handle async aborts delivered while at EL2
* arm: crash the guest when it traps on external abort
* arm32: handle async aborts delivered while at HYP
- CVE-2016-10024 / XSA-202
* x86: force EFLAGS.IF on when exiting to PV guests
- CVE-2016-10025 / XSA-203
* x86/HVM: add missing NULL check before using VMFUNC hook
- CVE-2016-10013 / XSA-204
* x86/emul: Correct the handling of eflags with SYSCALL
-- Stefan Bader <email address hidden> Tue, 10 Jan 2017 15:07:06 +0100
Available diffs
xen (4.1.6.1-0ubuntu0.12.04.13) precise-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-9386 / XSA-191
* x86/hvm: Fix the handling of non-present segments
- CVE-2016-9382 / XSA-192
* x86/HVM: don't load LDTR with VM86 mode attrs during task switch
- CVE-2016-9383 / XSA-195
* x86emul: fix huge bit offset handling
- CVE-2016-9381 / XSA-197
* xen: fix ioreq handling
- CVE-2016-9379, CVE-2016-9380 / XSA-198
* pygrub: Properly quote results, when returning them to the caller
- CVE-2016-9637 / XSA-199
* qemu: ioport_read, ioport_write: be defensive about 32-bit addresses
- CVE-2016-9932 / XSA-200
* x86/emulator: add feature checks for newer instructions
* x86emul: CMPXCHG8B ignores operand size prefix
- CVE-2016-10024 / XSA-202
* x86: use MOV instead of PUSH/POP when saving/restoring register state
* x86: force EFLAGS.IF on when exiting to PV guests
- CVE-2016-10013 / XSA-204
* x86/emul: Correct the handling of eflags with SYSCALL
-- Stefan Bader <email address hidden> Wed, 11 Jan 2017 11:44:28 +0100
Available diffs
xen (4.7.0-0ubuntu2.1) yakkety-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-9386 / XSA-191
* x86/hvm: Fix the handling of non-present segments
- CVE-2016-9382 / XSA-192
* x86/HVM: don't load LDTR with VM86 mode attrs during task switch
- CVE-2016-9385 / XSA-193
* x86/PV: writes of %fs and %gs base MSRs require canonical addresses
- CVE-2016-9384 / XSA-194
* libelf: fix stack memory leak when loading 32 bit symbol tables
- CVE-2016-9383 / XSA-195
* x86emul: fix huge bit offset handling
- CVE-2016-9377, CVE-2016-9378 / XSA-196
* x86/emul: Correct the IDT entry calculation in inject_swint()
* x86/svm: Fix injection of software interrupts
- CVE-2016-9379, CVE-2016-9380 / XSA-198
* pygrub: Properly quote results, when returning them to the caller
- CVE-2016-9932 / XSA-200
* x86emul: CMPXCHG8B ignores operand size prefix
- CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA.201
* arm64: handle guest-generated EL1 asynchronous abort
* arm64: handle async aborts delivered while at EL2
* arm: crash the guest when it traps on external abort
* arm32: handle async aborts delivered while at HYP
- CVE-2016-10024 / XSA-202
* x86: force EFLAGS.IF on when exiting to PV guests
- CVE-2016-10025 / XSA-203
* x86/HVM: add missing NULL check before using VMFUNC hook
- CVE-2016-10013 / XSA-204
* x86/emul: Correct the handling of eflags with SYSCALL
-- Stefan Bader <email address hidden> Mon, 09 Jan 2017 17:29:33 +0100
Available diffs
xen (4.1.6.1-0ubuntu0.12.04.12) precise-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-6258 / XSA-182
* x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
- CVE-2016-5403 / XSA-184
* virtio: error out if guest exceeds virtqueue size
- CVE-2016-7092 / XSA-185
* x86/32on64: don't allow recursive page tables from L3
- CVE-2016-7094 / XSA-187
* x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
* x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
- CVE-2016-7777 / XSA-190
* x86emul: honor guest CR0.TS and CR0.EM
-- Stefan Bader <email address hidden> Thu, 06 Oct 2016 16:14:26 +0200
xen (4.4.2-0ubuntu0.14.04.7) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-6258 / XSA-182
* x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
- CVE-2016-5403 / XSA-184
* virtio: error out if guest exceeds virtqueue size
- CVE-2016-7092 / XSA-185
* x86/32on64: don't allow recursive page tables from L3
- CVE-2016-7094 / XSA-187
* x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
* x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
- CVE-2016-7154 / XSA-188
* evtchn-fifo: prevent use after free
- CVE-2016-7777 / XSA-190
* x86emul: honor guest CR0.TS and CR0.EM
-- Stefan Bader <email address hidden> Thu, 06 Oct 2016 15:56:51 +0200
xen (4.6.0-1ubuntu4.2) xenial-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-6258 / XSA-182
* x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
- CVE-2016-6259 / XSA-183
* x86/entry: Avoid SMAP violation in compat_create_bounce_frame()
- CVE-2016-7092 / XSA-185
* x86/32on64: don't allow recursive page tables from L3
- CVE-2016-7094 / XSA-187
* x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
* x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
- CVE-2016-7777 / XSA-190
* x86emul: honor guest CR0.TS and CR0.EM
-- Stefan Bader <email address hidden> Thu, 06 Oct 2016 15:32:01 +0200
Available diffs
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
xen (4.7.0-0ubuntu2) yakkety; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-6258 / XSA-182
* x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
- CVE-2016-6259 / XSA-183
* x86/entry: Avoid SMAP violation in compat_create_bounce_frame()
- CVE-2016-7092 / XSA-185
* x86/32on64: don't allow recursive page tables from L3
- CVE-2016-7093 / XSA-186
* x86/emulate: Correct boundary interactions of emulated instructions
* hvm/fep: Allow testing of instructions crossing the -1 -> 0 virtual
boundary
- CVE-2016-7094 / XSA-187
* x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
* x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
- CVE-2016-7777 / XSA-190
* x86emul: honor guest CR0.TS and CR0.EM
-- Stefan Bader <email address hidden> Thu, 06 Oct 2016 15:24:46 +0200
Available diffs
xen (4.7.0-0ubuntu1) yakkety; urgency=low * Rebasing to upstream Xen release 4.7 (LP: #1621618) - Renamed all *-4.6* files into *-4.7*. Also moved references within various files from 4.6 to 4.7. - Follow previous abiname patches to create individual run-time libs for the versioned libxen package for libxencall, libxenevtchn, libxenforeignmemory, libxengnttab, and libxentoollog. - Modified debian/libxen-dev.install to pick up the additional headers and drop one which is no longer present. And also add the new libs. - Refreshed Debian patchesS - Dropped transitional packages <4.6, added a set for 4.6. - Dropped tools-allow-configure-time-choice-of-libexec-subdire.patch (upstream) - Dropped ubuntu-config-prefix-fix.patch (unnecessary) - Dropped all security patches since those were all included in the new upstream release. - Added fix for FTBS on Arm due to unused static variables and hardening flags turned on. - Switched dependencies of sysvinit scripts from libvirt-bin to libvirtd. - Added modprobe for xen-acpi-processor (no auto-load alias) to xenstrore init script. Otherwise there is no frequency scaling if the driver is compiled as a module. - Added proposed upstream fix for regression to save PV guests with more than 1G of memory.
Available diffs
xen (4.5.1-0ubuntu1.4) wily-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Do not trust frontend for channel in list
* libxl: Do not trust frontend for channel in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Make copy of every xs backend in /libxl in _generic_add
* libxl: Do not trust backend in libxl__device_exists
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Do not trust backend for channel in getinfo
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Do not trust backend in channel list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
-- Stefan Bader <email address hidden> Thu, 30 Jun 2016 10:05:26 +0200
Available diffs
xen (4.6.0-1ubuntu5) yakkety; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Do not trust frontend for channel in list
* libxl: Do not trust frontend for channel in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Make copy of every xs backend in /libxl in _generic_add
* libxl: Do not trust backend in libxl__device_exists
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Do not trust backend for channel in getinfo
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Do not trust backend in channel list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
-- Stefan Bader <email address hidden> Tue, 07 Jun 2016 16:30:19 +0200
Available diffs
- diff from 4.6.0-1ubuntu4 to 4.6.0-1ubuntu5 (28.0 KiB)
xen (4.1.6.1-0ubuntu0.12.04.11) precise-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-2212 / XSA-060
* VMX: disable EPT when !cpu_has_vmx_pat
* VMX: remove the problematic set_uc_mode logic
* VMX: fix cr0.cd handling
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
* x86/HVM: correct CPUID leaf 80000008 handling
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-3710 / XSA-179 (qemu traditional)
* vga: fix banked access bounds checking
* vga: add vbe_enabled() helper
* vga: factor out vga register setup
* vga: update vga register setup on vbe changes
* vga: make sure vga register setup for vbe stays intact
- CVE-2014-3672 / XSA-180 (qemu traditional)
* main loop: Big hammer to fix logfile disk DoS in Xen setups
-- Stefan Bader <email address hidden> Tue, 07 Jun 2016 20:01:06 +0200
xen (4.4.2-0ubuntu0.14.04.6) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-3710 / XSA-179 (qemu traditional)
* vga: fix banked access bounds checking
* vga: add vbe_enabled() helper
* vga: factor out vga register setup
* vga: update vga register setup on vbe changes
* vga: make sure vga register setup for vbe stays intact
- CVE-2014-3672 / XSA-180 (qemu traditional)
* main loop: Big hammer to fix logfile disk DoS in Xen setups
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
-- Stefan Bader <email address hidden> Mon, 06 Jun 2016 14:17:35 +0200
Available diffs
xen (4.6.0-1ubuntu4.1) xenial-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Do not trust frontend for channel in list
* libxl: Do not trust frontend for channel in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Make copy of every xs backend in /libxl in _generic_add
* libxl: Do not trust backend in libxl__device_exists
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Do not trust backend for channel in getinfo
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Do not trust backend in channel list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
-- Stefan Bader <email address hidden> Wed, 01 Jun 2016 11:10:47 +0200
Available diffs
xen (4.1.6.1-0ubuntu0.12.04.10) precise-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-2270 / XSA-154
* x86: make get_page_from_l1e() return a proper error code
* x86: make mod_l1_entry() return a proper error code
* x86/mm: fix mod_l1_entry() return value when encountering r/o MMIO
page
* x86: enforce consistent cachability of MMIO mappings
- CVE-2016-1570 / XSA-167
* x86/mm: PV superpage handling lacks sanity checks
- CVE-2016-1571 / XSA-168
* x86/VMX: prevent INVVPID failure due to non-canonical guest address
- CVE-2015-8615 / XSA-169
* x86: make debug output consistent in hvm_set_callback_via
- CVE-2016-2271 / XSA-170
* x86/VMX: sanitize rIP before re-entering guest
-- Stefan Bader <email address hidden> Thu, 25 Feb 2016 09:25:57 +0100
Available diffs
xen (4.5.1-0ubuntu1.3) wily-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-2270 / XSA-154
* x86: enforce consistent cachability of MMIO mappings
- CVE-2016-1570 / XSA-167
* x86/mm: PV superpage handling lacks sanity checks
- CVE-2016-1571 / XSA-168
* x86/VMX: prevent INVVPID failure due to non-canonical guest address
- CVE-2015-8615 / XSA-169
* x86: make debug output consistent in hvm_set_callback_via
- CVE-2016-2271 / XSA-170
* x86/VMX: sanitize rIP before re-entering guest
-- Stefan Bader <email address hidden> Tue, 23 Feb 2016 22:18:08 +0100
Available diffs
xen (4.4.2-0ubuntu0.14.04.5) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-2270 / XSA-154
* x86: enforce consistent cachability of MMIO mappings
- CVE-2016-1570 / XSA-167
* x86/mm: PV superpage handling lacks sanity checks
- CVE-2016-1571 / XSA-168
* x86/VMX: prevent INVVPID failure due to non-canonical guest address
- CVE-2015-8615 / XSA-169
* x86: make debug output consistent in hvm_set_callback_via
- CVE-2016-2271 / XSA-170
* x86/VMX: sanitize rIP before re-entering guest
-- Stefan Bader <email address hidden> Tue, 23 Feb 2016 22:16:17 +0100
Available diffs
| Superseded in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
xen (4.6.0-1ubuntu4) xenial; urgency=low * d/rules.real: Set LANG=C.UTF-8 for the builds to avoid a grep bug.
Available diffs
- diff from 4.6.0-1ubuntu2 to 4.6.0-1ubuntu4 (11.2 KiB)
- diff from 4.6.0-1ubuntu3 to 4.6.0-1ubuntu4 (819 bytes)
| Superseded in xenial-proposed |
xen (4.6.0-1ubuntu3) xenial; urgency=low
* Fix unmount error message on shutdown and init script ordering issues:
- d/xen-utils-common.xenstored.init: Introduce new init script which only
starts xenstored (but also shuts it down on stop). Prevent this one to
be run on upgrade.
- d/xen-utils-common.xen.init:
* Add X-Start-Before/X-Stop-After dependencies on libvirt-bin
* Remove xenstored related code
* d/scripts/xen-init-list: Revert back to unmodified version from Debian.
With the ordering fixed, libvirt guests should be handled by its own
script before xendomains is run.
* d/control, d/libxen-dev.install and d/rules.real:
Add xenlight.pc and xlutil.pc to be packaged as part of libxen-dev in
multi-arch suitable location. Also declare libxen-dev as multi-arch
same.
* Additional Security Patches:
- CVE-2016-2270 / XSA-154
* x86: enforce consistent cachability of MMIO mappings
- CVE-2016-1570 / XSA-167
* x86/mm: PV superpage handling lacks sanity checks
- CVE-2016-1571 / XSA-168
* x86/VMX: prevent INVVPID failure due to non-canonical guest address
- CVE-2015-8615 / XSA-169
* x86: make debug output consistent in hvm_set_callback_via
- CVE-2016-2271 / XSA-170
* x86/VMX: sanitize rIP before re-entering guest
-- Stefan Bader <email address hidden> Thu, 18 Feb 2016 18:20:38 +0100
Available diffs
- diff from 4.6.0-1ubuntu2 to 4.6.0-1ubuntu3 (10.8 KiB)
| 1 → 75 of 200 results | First • Previous • Next • Last |
