Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

xen-libs-4.17.2-2.fc39 RPM for x86_64

From Fedora 39 for x86_64 / x

Name: xen-libs Distribution: Fedora Project
Version: 4.17.2 Vendor: Fedora Project
Release: 2.fc39 Build date: Tue Sep 26 16:57:37 2023
Group: Unspecified Build host: buildvm-x86-22.iad2.fedoraproject.org
Size: 1916735 Source RPM: xen-4.17.2-2.fc39.src.rpm
Packager: Fedora Project
Url: http://xen.org/
Summary: Libraries for Xen tools
This package contains the libraries needed to run applications
which manage Xen virtual machines.

Provides

Requires

License

GPLv2+ and LGPLv2+ and BSD

Changelog

* Tue Sep 26 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-2
  - arm32: The cache may not be properly cleaned/invalidated [XSA-437,
  	CVE-2023-34321]
  - top-level shadow reference dropped too early for 64-bit PV guests
  	[XSA-438, CVE-2023-34322]
  - x86/AMD: Divide speculative information leak [XSA-439, CVE-2023-20588]
* Thu Aug 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-1
  - update to xen-4.17.2 which includes
    x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569]
    x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982]
  - remove patches now included upstream
* Tue Aug 01 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-9
  - arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320]
  	(#2228238)
* Mon Jul 31 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-8
  - bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
* Tue Jul 25 2023 Michael Young <m.a.young@durham.ac.uk>
  - adjust OCaml patch condition so eln builds work
* Mon Jul 24 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-7
  - x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
  - omit OCaml 5 patch on fc38
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.1-6
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 10 2023 Jerry James <loganjerry@gmail.com> - 4.17.1-5
  - Add patch for OCaml 5.0.0
* Tue Jun 27 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-4
  - work around a build problem with python 3.12
* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 4.17.1-3
  - Rebuilt for Python 3.12
* Tue May 16 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-2
  - Mishandling of guest SSBD selection on AMD hardware
  	[XSA-431, CVE-2022-42336]
* Tue May 02 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-1
  - update to xen-4.17.1
    remove patches now included upstream
    switch from patchN to patch N format for applying patches
* Tue Apr 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-9
  - x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335]
* Tue Mar 21 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-8
  - 3 security issues (#2180425)
    x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332]
    x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333,
  	CVE-2022-42334]
    x86: speculative vulnerability in 32bit SYSCALL path [XSA-429,
  	CVE-2022-42331]
* Sat Feb 18 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-7
  - use OVMF.fd from new edk2-ovmf-xen package as ovmf.bin file
  	built from edk2-ovmf package no longer supports xen (#2170930)
* Tue Feb 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-6
  - x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672]
* Wed Jan 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-5
  - Guests can cause Xenstore crash via soft reset [XSA-425, CVE-2022-42330]
  	(#2164520)
* Tue Jan 24 2023 Michael Young <m.a.young@durham.ac.uk>
  - now need BuildRequires for hostname
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.0-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Jan 17 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-3
  - build fix for gcc13
* Sun Jan 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-2
  - fix clean up of init scripts if /etc/rc.d/init.d doesn't exist
* Tue Dec 20 2022 Michael Young <m.a.young@durham.ac.uk>
  -  python3-setuptools BuildRequires is needed for python 3.12
* Tue Dec 13 2022 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-1
  - update to xen-4.17.0
    rebase xen.fedora.systemd.patch and xen.canonicalize.patch
    remove or adjust patches now included or superceded upstream
    /var/lib/xenstored has moved to /run/xenstored
* Tue Nov 08 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-4
  - x86: Multiple speculative security issues [XSA-422, CVE-2022-23824]
* Tue Nov 01 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-3
  - x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327]
  - Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]
  - Xenstore: Guests can create orphaned Xenstore nodes [XSA-415,
  	CVE-2022-42310]
  - Xenstore: guests can let run xenstored out of memory [XSA-326,
  	CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
  	CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]
  - Xenstore: Guests can cause Xenstore to not free temporary memory
  	[XSA-416, CVE-2022-42319]
  - Xenstore: Guests can get access to Xenstore nodes of deleted domains
  	[XSA-417, CVE-2022-42320]
  - Xenstore: Guests can crash xenstored via exhausting the stack
  	[XSA-418, CVE-2022-42321]
  - Xenstore: Cooperating guests can create arbitrary numbers of nodes
  	[XSA-419, CVE-2022-42322, CVE-2022-42323]
  - Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
  - Xenstore: Guests can create arbitrary number of nodes via transactions
  	[XSA-421, CVE-2022-42325, CVE-2022-42326]
* Fri Oct 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-2
  - Arm: unbounded memory consumption for 2nd-level page tables [XSA-409,
  	CVE-2022-33747] (#2135268)
  - P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746]
  	(#2135641)
  - lock order inversion in transitive grant copy handling [XSA-411,
  	CVE-2022-33748] (#2135263)
* Sat Sep 17 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-1
  - update to xen-4.16.2
    remove or adjust patches now included or superceded upstream
* Tue Jul 26 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-8
  - insufficient TLB flush for x86 PV guests in shadow mode [XSA-408,
  	CVE-2022-33745] (#2112223)
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.1-7
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 12 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-6
  - Retbleed - arbitrary speculative code execution with return instructions
  	[XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900]
* Tue Jul 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-5
  - Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365,
  	CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747)
* Tue Jun 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-4
  - x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123,
  	CVE-2022-21125, CVE-2022-21166]
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 4.16.1-3
  - Rebuilt for Python 3.11 (F37 build only)
* Sat Jun 11 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-2
  - stop building for ix86 and armv7hl due to missing build dependency
  - x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362]
  - x86 pv: Insufficient care with non-coherent mappings [ XSA-402,
  	CVE-2022-26363, CVE-2022-26364]
  - additional patches so above applies cleanly
* Thu Apr 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-1
  - update to xen-4.16.1
    remove or adjust patches now included or superceded upstream
    renumber patches
  - strip .efi file to help EFI partitions with limited space
* Tue Apr 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-6
  - Racy interactions between dirty vram tracking and paging log dirty
  	hypercalls [XSA-397, CVE-2022-26356]
  - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
  - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
  	CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]
  - additional patches so above applies cleanly
* Mon Mar 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-5
  - fix build of xen*.efi file and package it in /usr/lib*/efi
* Tue Mar 15 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-4
  - Multiple speculative security issues [XSA-398]
  - additional patches so above applies cleanly
* Sat Jan 29 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-3
  - adjust build script and patches for gcc12 and package note support
* Sat Jan 29 2022 Michael Young <m.a.young@durham.ac.uk>
  - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393,
  	CVE-2022-23033] (#2045044)
  - A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034]
  	(#2045042)
  - Insufficient cleanup of passed-through device IRQs [XSA-395,
  	CVE-2022-23035] (#2045040)
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Jan 10 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-1
  - update to xen-4.16.0
    rebase xen.canonicalize.patch and xen.gcc11.fixes.patch
    drop xen.fedora.efi.build.patch which is no longer useful
    remove or adjust patches now included or superceded upstream
    update libxenstore libary versions
    unpackage /boot/efi/EFI/fedora/xen*.efi
    package xen-mceinj and xen-vmtrace
  - don't build qemu-traditional or pv-grub by default (following upstream)
  - fix some incorrect dependencies on building qemu-traditional
  - change grub module package dependencies from Suggests to Recommends
  	and move to hypervisor package
  - rework seabios configure logic (bios.bin is no longer useful)
  - frontends vulnerable to backends [XSA-376] (document change only)
* Tue Nov 23 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-4
  - guests may exceed their designated memory limit [XSA-385, CVE-2021-28706]
  - PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707
  	CVE-2021-28708]
  - issues with partially successful P2M updates on x86 [XSA-389,
  	CVE-2021-28705, CVE-2021-28709]
  - certain VT-d IOMMUs may not work in shared page table mode [XSA-390,
  	CVE-2021-28710]
* Wed Oct 06 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-3
  - rebuild (f36 only) for OCaml 4.13.1
* Tue Oct 05 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-2
  - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702]
  	(#2011248)

Files

/usr/lib/.build-id
/usr/lib/.build-id/20
/usr/lib/.build-id/20/8a1e3f7931e5f496487a11f4935f4724a69dab
/usr/lib/.build-id/3e
/usr/lib/.build-id/3e/f8893362b271d4b6b2c709faa8687cda33f0a6
/usr/lib/.build-id/3f/bf773bd0e40ed95e746703005f698166d03f06
/usr/lib/.build-id/40
/usr/lib/.build-id/40/4186879ad7eb17e5f530bf6b33127d63fba399
/usr/lib/.build-id/61
/usr/lib/.build-id/61/d0a7af9cb4f5c841ce6c2f993470da1339587a
/usr/lib/.build-id/65
/usr/lib/.build-id/65/e83aff49a9afa3d91344d9a844189ffe3b030b
/usr/lib/.build-id/6a
/usr/lib/.build-id/6a/bad7e6f766f1a770c799778b3ae20812dc5263
/usr/lib/.build-id/6b
/usr/lib/.build-id/6b/24dc4bee3eefcdb3453d7cd0523edfbc6d4e85
/usr/lib/.build-id/6b/2ee2dde8288b55e9a8165da2c065f7777139fb
/usr/lib/.build-id/88
/usr/lib/.build-id/88/53891b01c4cc7f8699ed2d70509c8de77b9d55
/usr/lib/.build-id/88/5407f3820c43794879c02780f60863bb3d0abc
/usr/lib/.build-id/a9
/usr/lib/.build-id/a9/bf19a709fa7f14258f82f142685f147df9a126
/usr/lib/.build-id/af
/usr/lib/.build-id/af/040417631e330d0e95da4650da96d68a9f5d75
/usr/lib/.build-id/b6
/usr/lib/.build-id/b6/eb54e1b6fb2fb07aad929200fdc87e672818ea
/usr/lib/.build-id/b9
/usr/lib/.build-id/b9/1d1b37fc904ee0e4f404ddb950b5fc74b200bb
/usr/lib/.build-id/ba
/usr/lib/.build-id/ba/7d856637049c17253819e1912f5aced807d7c8
/usr/lib/.build-id/bb
/usr/lib/.build-id/bb/02f54def7de3977ab68f3072e835e5f95ae7f7
/usr/lib/.build-id/cb
/usr/lib/.build-id/cb/4bd996b5972ef819aacdc279af5fb6ae70c78f
/usr/lib/.build-id/d2
/usr/lib/.build-id/d2/7346a8f8933579d26441cbcca0f6aeb3a1c3a8
/usr/lib/.build-id/d6
/usr/lib/.build-id/d6/7aa4113d9142d3ea8fd924a5a649ef1857b308
/usr/lib/.build-id/d8
/usr/lib/.build-id/d8/caffaced8e52913033245327c183a8820e6426
/usr/lib/.build-id/eb
/usr/lib/.build-id/eb/8779e233045b9a23e5438d5d5d0fac174cf9b0
/usr/lib/.build-id/fe
/usr/lib/.build-id/fe/7bb48ce0f79ce3a13069cfed16a4a97d98d03a
/usr/lib64/libxencall.so.1
/usr/lib64/libxencall.so.1.3
/usr/lib64/libxenctrl.so.4.17
/usr/lib64/libxenctrl.so.4.17.0
/usr/lib64/libxendevicemodel.so.1
/usr/lib64/libxendevicemodel.so.1.4
/usr/lib64/libxenevtchn.so.1
/usr/lib64/libxenevtchn.so.1.2
/usr/lib64/libxenforeignmemory.so.1
/usr/lib64/libxenforeignmemory.so.1.4
/usr/lib64/libxenfsimage.so.4.17
/usr/lib64/libxenfsimage.so.4.17.0
/usr/lib64/libxengnttab.so.1
/usr/lib64/libxengnttab.so.1.2
/usr/lib64/libxenguest.so.4.17
/usr/lib64/libxenguest.so.4.17.0
/usr/lib64/libxenhypfs.so.1
/usr/lib64/libxenhypfs.so.1.0
/usr/lib64/libxenlight.so.4.17
/usr/lib64/libxenlight.so.4.17.0
/usr/lib64/libxenstat.so.4.17
/usr/lib64/libxenstat.so.4.17.0
/usr/lib64/libxenstore.so.4
/usr/lib64/libxenstore.so.4.0
/usr/lib64/libxentoolcore.so.1
/usr/lib64/libxentoolcore.so.1.0
/usr/lib64/libxentoollog.so.1
/usr/lib64/libxentoollog.so.1.0
/usr/lib64/libxenvchan.so.4.17
/usr/lib64/libxenvchan.so.4.17.0
/usr/lib64/libxlutil.so.4.17
/usr/lib64/libxlutil.so.4.17.0
/usr/lib64/xenfsimage
/usr/lib64/xenfsimage/ext2fs-lib
/usr/lib64/xenfsimage/ext2fs-lib/fsimage.so
/usr/lib64/xenfsimage/fat
/usr/lib64/xenfsimage/fat/fsimage.so
/usr/lib64/xenfsimage/iso9660
/usr/lib64/xenfsimage/iso9660/fsimage.so
/usr/lib64/xenfsimage/reiserfs
/usr/lib64/xenfsimage/reiserfs/fsimage.so
/usr/lib64/xenfsimage/ufs
/usr/lib64/xenfsimage/ufs/fsimage.so
/usr/lib64/xenfsimage/xfs
/usr/lib64/xenfsimage/xfs/fsimage.so
/usr/lib64/xenfsimage/zfs
/usr/lib64/xenfsimage/zfs/fsimage.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 21:55:09 2024