Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: xen-hypervisor | Distribution: Fedora Project |
Version: 4.18.1 | Vendor: Fedora Project |
Release: 1.fc40 | Build date: Wed Mar 20 20:32:34 2024 |
Group: Unspecified | Build host: buildhw-a64-21.iad2.fedoraproject.org |
Size: 9593006 | Source RPM: xen-4.18.1-1.fc40.src.rpm |
Packager: Fedora Project | |
Url: http://xen.org/ | |
Summary: Libraries for Xen tools |
This package contains the Xen hypervisor
GPLv2+ and LGPLv2+ and BSD
* Wed Mar 20 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.1-1 - update to xen-4.18.1 rebase xen.gcc12.fixes.patch remove patches now included or superceded upstream * Wed Mar 13 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-7 - x86: Register File Data Sampling [XSA-452, CVE-2023-28746] - GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193] - additional patches so above applies cleanly * Tue Feb 27 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-6 - x86: shadow stack vs exceptions from emulation stubs - [XSA-451, CVE-2023-46841] (#2266326) * Sun Feb 04 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-5 - pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839] - VT-d: Failure to quarantine devices in !HVM build [XSA-450, CVE-2023-46840] - the glibc32 doesn't seem to add anything to the build so drop it * Sat Feb 03 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-4 - build fixes for gcc14, replace stubs-32.h requirement with glibc32 * Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.18.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Dec 13 2023 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-2 - arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837] - rebuild for OCaml-5.1.1 * Wed Nov 29 2023 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-1 - update to xen-4.18.0 rebase xen.canonicalize.patch and xen.ocaml5.fixes.patch remove or adjust patches now included or superceded upstream - xencons has been dropped * Tue Nov 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-5 - x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835] - x86: BTC/SRSO fixes not fully effective [XSA-446, CVE-2023-46836] * Tue Oct 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-4 - xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323] - x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326] - Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325] - x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328] * Sun Oct 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-3 - rebuild (f40) for OCaml 5.1 * Tue Sep 26 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-2 - arm32: The cache may not be properly cleaned/invalidated [XSA-437, CVE-2023-34321] - top-level shadow reference dropped too early for 64-bit PV guests [XSA-438, CVE-2023-34322] - x86/AMD: Divide speculative information leak [XSA-439, CVE-2023-20588] * Thu Aug 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-1 - update to xen-4.17.2 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982] - remove patches now included upstream * Tue Aug 01 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-9 - arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) * Mon Jul 31 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-8 - bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] * Tue Jul 25 2023 Michael Young <m.a.young@durham.ac.uk> - adjust OCaml patch condition so eln builds work * Mon Jul 24 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-7 - x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] - omit OCaml 5 patch on fc38 * Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Jul 10 2023 Jerry James <loganjerry@gmail.com> - 4.17.1-5 - Add patch for OCaml 5.0.0 * Tue Jun 27 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-4 - work around a build problem with python 3.12 * Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 4.17.1-3 - Rebuilt for Python 3.12 * Tue May 16 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-2 - Mishandling of guest SSBD selection on AMD hardware [XSA-431, CVE-2022-42336] * Tue May 02 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-1 - update to xen-4.17.1 remove patches now included upstream switch from patchN to patch N format for applying patches * Tue Apr 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-9 - x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335] * Tue Mar 21 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-8 - 3 security issues (#2180425) x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332] x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333, CVE-2022-42334] x86: speculative vulnerability in 32bit SYSCALL path [XSA-429, CVE-2022-42331] * Sat Feb 18 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-7 - use OVMF.fd from new edk2-ovmf-xen package as ovmf.bin file built from edk2-ovmf package no longer supports xen (#2170930) * Tue Feb 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-6 - x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672] * Wed Jan 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-5 - Guests can cause Xenstore crash via soft reset [XSA-425, CVE-2022-42330] (#2164520) * Tue Jan 24 2023 Michael Young <m.a.young@durham.ac.uk> - now need BuildRequires for hostname * Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Jan 17 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-3 - build fix for gcc13 * Sun Jan 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-2 - fix clean up of init scripts if /etc/rc.d/init.d doesn't exist * Tue Dec 20 2022 Michael Young <m.a.young@durham.ac.uk> - python3-setuptools BuildRequires is needed for python 3.12 * Tue Dec 13 2022 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-1 - update to xen-4.17.0 rebase xen.fedora.systemd.patch and xen.canonicalize.patch remove or adjust patches now included or superceded upstream /var/lib/xenstored has moved to /run/xenstored * Tue Nov 08 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-4 - x86: Multiple speculative security issues [XSA-422, CVE-2022-23824] * Tue Nov 01 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-3 - x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] - Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] - Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] - Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318] - Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319] - Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320] - Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321] - Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323] - Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324] - Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326] * Fri Oct 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-2 - Arm: unbounded memory consumption for 2nd-level page tables [XSA-409, CVE-2022-33747] (#2135268) - P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746] (#2135641) - lock order inversion in transitive grant copy handling [XSA-411, CVE-2022-33748] (#2135263) * Sat Sep 17 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-1 - update to xen-4.16.2 remove or adjust patches now included or superceded upstream * Tue Jul 26 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-8 - insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] (#2112223) * Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 12 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-6 - Retbleed - arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900] * Tue Jul 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-5 - Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747) * Tue Jun 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-4 - x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166] * Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 4.16.1-3 - Rebuilt for Python 3.11 (F37 build only) * Sat Jun 11 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-2 - stop building for ix86 and armv7hl due to missing build dependency - x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362] - x86 pv: Insufficient care with non-coherent mappings [ XSA-402, CVE-2022-26363, CVE-2022-26364] - additional patches so above applies cleanly * Thu Apr 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.1-1 - update to xen-4.16.1 remove or adjust patches now included or superceded upstream renumber patches - strip .efi file to help EFI partitions with limited space * Tue Apr 05 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-6 - Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357] - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361] - additional patches so above applies cleanly * Mon Mar 21 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.0-5 - fix build of xen*.efi file and package it in /usr/lib*/efi
/boot/flask /boot/flask/xenpolicy-4.18.1 /boot/xen /boot/xen-4 /boot/xen-4.18 /boot/xen-4.18.1 /boot/xen-4.18.1.config /usr/lib/debug/.build-id /usr/lib/debug/.build-id/94 /usr/lib/debug/.build-id/94/e075744e3c9196b3eeaecf32ccf6ee0ea9daf4 /usr/lib/debug/.build-id/94/e075744e3c9196b3eeaecf32ccf6ee0ea9daf4.debug /usr/lib/debug/xen-syms-4.18.1 /usr/lib/debug/xen-syms-4.18.1.map /usr/lib64/efi/xen-4.18.1.efi /usr/lib64/efi/xen-4.18.1.notstripped.efi
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 23:47:10 2024