Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: xen-hypervisor | Distribution: Fedora Project |
Version: 4.17.4 | Vendor: Fedora Project |
Release: 3.fc39 | Build date: Thu Aug 15 23:25:38 2024 |
Group: Unspecified | Build host: buildhw-a64-22.iad2.fedoraproject.org |
Size: 9394825 | Source RPM: xen-4.17.4-3.fc39.src.rpm |
Packager: Fedora Project | |
Url: http://xen.org/ | |
Summary: Libraries for Xen tools |
This package contains the Xen hypervisor
GPLv2+ and LGPLv2+ and BSD
* Thu Aug 15 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.4-3 - error handling in x86 IOMMU identity mapping [XSA-460, CVE-2024-31145] - PCI device pass-through with shared resources [XSA-461, CVE-2024-31146] * Tue Jul 16 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.4-2 - x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] - double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] (#2298690) * Tue Apr 09 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.4-1 - x86: Native Branch History Injection [XSA-456, CVE-2024-2201] - update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch - x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] - x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142] * Thu Mar 14 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-8 - x86: Register File Data Sampling [XSA-452, CVE-2023-28746] - GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193] - additional patches so above applies cleanly * Tue Feb 27 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-7 - x86: shadow stack vs exceptions from emulation stubs - [XSA-451, CVE-2023-46841] (#2266326) * Tue Jan 30 2024 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-6 - arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837] - pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839] - VT-d: Failure to quarantine devices in !HVM build [XSA-450, CVE-2023-46840] * Tue Nov 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-5 - x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835] - x86: BTC/SRSO fixes not fully effective [XSA-446, CVE-2023-46836] * Tue Oct 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-4 - xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323] - x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326] - Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325] - x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328] * Sun Oct 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-3 - rebuild (f40) for OCaml 5.1 * Tue Sep 26 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-2 - arm32: The cache may not be properly cleaned/invalidated [XSA-437, CVE-2023-34321] - top-level shadow reference dropped too early for 64-bit PV guests [XSA-438, CVE-2023-34322] - x86/AMD: Divide speculative information leak [XSA-439, CVE-2023-20588] * Thu Aug 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-1 - update to xen-4.17.2 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982] - remove patches now included upstream * Tue Aug 01 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-9 - arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) * Mon Jul 31 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-8 - bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] * Tue Jul 25 2023 Michael Young <m.a.young@durham.ac.uk> - adjust OCaml patch condition so eln builds work * Mon Jul 24 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-7 - x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] - omit OCaml 5 patch on fc38 * Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Jul 10 2023 Jerry James <loganjerry@gmail.com> - 4.17.1-5 - Add patch for OCaml 5.0.0 * Tue Jun 27 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-4 - work around a build problem with python 3.12 * Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 4.17.1-3 - Rebuilt for Python 3.12 * Tue May 16 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-2 - Mishandling of guest SSBD selection on AMD hardware [XSA-431, CVE-2022-42336] * Tue May 02 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-1 - update to xen-4.17.1 remove patches now included upstream switch from patchN to patch N format for applying patches * Tue Apr 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-9 - x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335] * Tue Mar 21 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-8 - 3 security issues (#2180425) x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332] x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333, CVE-2022-42334] x86: speculative vulnerability in 32bit SYSCALL path [XSA-429, CVE-2022-42331] * Sat Feb 18 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-7 - use OVMF.fd from new edk2-ovmf-xen package as ovmf.bin file built from edk2-ovmf package no longer supports xen (#2170930) * Tue Feb 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-6 - x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672] * Wed Jan 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-5 - Guests can cause Xenstore crash via soft reset [XSA-425, CVE-2022-42330] (#2164520) * Tue Jan 24 2023 Michael Young <m.a.young@durham.ac.uk> - now need BuildRequires for hostname * Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Jan 17 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-3 - build fix for gcc13 * Sun Jan 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-2 - fix clean up of init scripts if /etc/rc.d/init.d doesn't exist * Tue Dec 20 2022 Michael Young <m.a.young@durham.ac.uk> - python3-setuptools BuildRequires is needed for python 3.12 * Tue Dec 13 2022 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-1 - update to xen-4.17.0 rebase xen.fedora.systemd.patch and xen.canonicalize.patch remove or adjust patches now included or superceded upstream /var/lib/xenstored has moved to /run/xenstored * Tue Nov 08 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-4 - x86: Multiple speculative security issues [XSA-422, CVE-2022-23824] * Tue Nov 01 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-3 - x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] - Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] - Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] - Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318] - Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319] - Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320] - Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321] - Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323] - Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324] - Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326] * Fri Oct 14 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-2 - Arm: unbounded memory consumption for 2nd-level page tables [XSA-409, CVE-2022-33747] (#2135268) - P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746] (#2135641) - lock order inversion in transitive grant copy handling [XSA-411, CVE-2022-33748] (#2135263) * Sat Sep 17 2022 Michael Young <m.a.young@durham.ac.uk> - 4.16.2-1 - update to xen-4.16.2 remove or adjust patches now included or superceded upstream
/boot/flask /boot/flask/xenpolicy-4.17.4 /boot/xen /boot/xen-4 /boot/xen-4.17 /boot/xen-4.17.4 /boot/xen-4.17.4.config /usr/lib/debug/.build-id /usr/lib/debug/.build-id/33 /usr/lib/debug/.build-id/33/c291fef381804be28dcd2c8d41d76b917aa835 /usr/lib/debug/.build-id/33/c291fef381804be28dcd2c8d41d76b917aa835.debug /usr/lib/debug/xen-syms-4.17.4 /usr/lib/debug/xen-syms-4.17.4.map /usr/lib64/efi/xen-4.17.4.efi /usr/lib64/efi/xen-4.17.4.notstripped.efi
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 9 04:04:03 2024