xen 4.11.4+24-gddaaccbbab-1ubuntu1 source package in Ubuntu


xen (4.11.4+24-gddaaccbbab-1ubuntu1) groovy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Enforce python2 usage
      - Build-depend on python2-dev.
      - Build using python2.
      - Build-depend on lmodern.
      - Set python2 for xen-init-name and xen-init-list scripts
    - Recommend qemu-system-x86-xen
    - Force fcf-protection off when using -mindirect-branch
    - Strip .note.gnu.property section for intermediate files
    - Add transitional packages for upgrades
    - Handle config file moving between packages
    - Update: Building hypervisor with cf-protection enabled

xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium

  * Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains
    security fixes for the following issues:
    - inverted code paths in x86 dirty VRAM tracking
      XSA-319 CVE-2020-15563
    - Special Register Buffer speculative side channel
      XSA-320 CVE-2020-0543
      N.B: To mitigate this issue, new cpu microcode is required. The changes
      in Xen provide a workaround for affected hardware that is not receiving
      a vendor microcode update. Please refer to the upstream XSA-320 Advisory
      text for more details.
    - insufficient cache write-back under VT-d
      XSA-321 CVE-2020-15565
    - Missing alignment check in VCPUOP_register_vcpu_info
      XSA-327 CVE-2020-15564
    - non-atomic modification of live EPT PTE
      XSA-328 CVE-2020-15567

xen (4.11.4-1) unstable; urgency=medium

  * Update to new upstream version 4.11.4, which also contains security fixes
    for the following issues:
    - arm: a CPU may speculate past the ERET instruction
      XSA-312 (no CVE yet)
    - multiple xenoprof issues
      XSA-313 CVE-2020-11740 CVE-2020-11741
    - Missing memory barriers in read-write unlock paths
      XSA-314 CVE-2020-11739
    - Bad error path in GNTTABOP_map_grant
      XSA-316 CVE-2020-11743
    - Bad continuation handling in GNTTABOP_copy
      XSA-318 CVE-2020-11742
  * xen-utils and xen-utils-common maint scripts: Replace the previous fix in
    the xen init script with a better fix in the xen-utils package instead, to
    prevent calling the init script stop action (resulting in a disappeared
    xenconsoled) when removing a xen-utils package that belongs to a previous
    (not currently runing) Xen version. Also prevent the xen-utils-common
    package from inadvertently calling stop and start actions because
    dh_installinit would add code for that. (Closes: #932759)
  * debian/NEWS: Mention fixing #932759 and how to deal with the bug

 -- Gianfranco Costamagna <email address hidden>  Mon, 24 Aug 2020 17:25:22 +0200

Upload details

Uploaded by:
Gianfranco Costamagna
Uploaded to:
Original maintainer:
Ubuntu Developers
amd64 arm64 armhf i386 all
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
xen_4.11.4+24-gddaaccbbab.orig.tar.xz 4.1 MiB 9341af7e6509b16c6f5c1e400974a1fb6ec6d6d23b28c278e84ea17b4d3e3611
xen_4.11.4+24-gddaaccbbab-1ubuntu1.debian.tar.xz 145.2 KiB 833f91844f3713856dcd5b7c78119fbad65c9818b92cecf3309f1c7d13f78131
xen_4.11.4+24-gddaaccbbab-1ubuntu1.dsc 4.4 KiB 64f86f139e06e3a17ebf7b959e24c168b81ac06270228ecd94115279f6445653

View changes file

Binary packages built by this source