Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: xen-hypervisor | Distribution: Mageia |
Version: 4.14.1 | Vendor: Mageia.Org |
Release: 1.mga8 | Build date: Mon Dec 21 07:44:19 2020 |
Group: System/Kernel and hardware | Build host: localhost |
Size: 6611038 | Source RPM: xen-4.14.1-1.mga8.src.rpm |
Packager: tv <tv> | |
Url: http://xen.org/ | |
Summary: Libraries for Xen tools |
This package contains the Xen hypervisor.
GPLv2+ and LGPLv2+ and BSD
* Mon Dec 21 2020 tv <tv> 4.14.1-1.mga8 + Revision: 1662465 - update to 4.14.1 * Wed Dec 16 2020 tv <tv> 4.14.0-11.mga8 + Revision: 1658002 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (rhbz#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (rhbz#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (rhbz#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (rhbz#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (rhbz#1905648) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (rhbz#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (rhbz#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (rhbz#1908002) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (rhbz#1908003) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (rhbz#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (rhbz#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (rhbz#1908089) - Work around another gcc-11 stringop-overflow diagnostic * Wed Nov 25 2020 tv <tv> 4.14.0-10.mga8 + Revision: 1649191 - stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 tv <tv> 4.14.0-9.mga8 + Revision: 1648810 - Support zstd compressed kernels (dom0 only) based on linux kernel code * Wed Nov 11 2020 tv <tv> 4.14.0-8.mga8 + Revision: 1644447 - Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146) * Wed Nov 04 2020 tv <tv> 4.14.0-7.mga8 + Revision: 1642581 - revised patch for XSA-286 (mitigating performance impact) - Work around gcc-11 stringop-overflow diagnostics as well * Thu Oct 29 2020 tv <tv> 4.14.0-6.1.mga8 + Revision: 1640521 - updage grub2 config when (un)installing hypervisor - x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092) - some fixes for gcc 11 - switch to systemd macros, use them in the sub pkgs - drop the requires on grub (useless) - drop the requires on kmod (already in basesystem) - drop obsolete BR on texi2html ghostscript tetex-latex - requires kpartx - fix license * Wed Oct 21 2020 tv <tv> 4.14.0-5.mga8 + Revision: 1637766 - create a xen-licenses collecting all sub licenses - split runtime in order to minimize deps - add xen-hypervisor-abi provides - do not hard requires the full qemu stack (deps!) * Tue Oct 20 2020 tv <tv> 4.14.0-4.mga8 + Revision: 1637400 - x86: Race condition in Xen mapping code [XSA-345] - undue deferral of IOMMU TLB flushes [XSA-346] - unsafe AMD IOMMU page table updates [XSA-347] - do not require non existing kernel-server on arm * Wed Sep 23 2020 tv <tv> 4.14.0-3.mga8 + Revision: 1629525 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (rhbz#1881619) - Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (rhbz#1881616) - race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (rhbz#1881618) - PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (rhbz#1881587) - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (rhbz#1881588) - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (rhbz#1881617) - Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (rhbz#1881583) - out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (rhbz#1881582) - races with evtchn_reset() [XSA-343, CVE-2020-25599] (rhbz#1881581) - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (rhbz#1881586) * Tue Aug 25 2020 tv <tv> 4.14.0-2.mga8 + Revision: 1618903 - QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (rhbz#1871850) * Sat Aug 01 2020 tv <tv> 4.14.0-1.mga8 + Revision: 1610277 - update to 4.14.0 remove or adjust patches now included or superceded upstream adjust xen.hypervisor.config bison and flex packages now needed for hypervisor build /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added with associated libraries and man page - revise documentation build dependencies drop tex, texinfo, ghostscript, graphviz, discount add perl(Pod::Html) perl(File::Find) - additional build dependency for ocaml on perl(Data::Dumper) * Wed Jul 08 2020 tv <tv> 4.13.1-3.mga8 + Revision: 1603032 - incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465) - inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463) - xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467) - missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458) - non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464) * Thu Jun 11 2020 tv <tv> 4.13.1-2.mga8 + Revision: 1592274 - Special Register Buffer speculative side channel [XSA-320] * Tue May 19 2020 tv <tv> 4.13.1-1.mga8 + Revision: 1586256 - update to 4.13.1 * Wed May 06 2020 tv <tv> 4.13.0-21.mga8 + Revision: 1581249 - force gcc >= 10 - build aarch64 hypervisor with -mno-outline-atomics to fix gcc 10 build * Wed Apr 15 2020 tv <tv> 4.13.0-19.mga8 + Revision: 1567543 - multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741] (rhbz#1823912, rhbz#1823914) - Missing memory barriers in read-write unlock paths [XSA-314, CVE-2020-11739] (rhbz#1823784) - Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (rhbz#1823926) - Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (rhbz#1823943) * Sun Apr 12 2020 tv <tv> 4.13.0-18.mga8 + Revision: 1566923 - try even harder to fix armv7 * Sun Apr 12 2020 tv <tv> 4.13.0-17.mga8 + Revision: 1566914 - try harder to fix armv7 * Sun Apr 12 2020 tv <tv> 4.13.0-16.mga8 + Revision: 1566910 - try to fix build on arm * Fri Apr 10 2020 tv <tv> 4.13.0-15.mga8 + Revision: 1566161 - rebuild for brltty 6.1 * Tue Mar 10 2020 tv <tv> 4.13.0-14.mga8 + Revision: 1555341 - setting for --with-system-ipxe should be a rom file (rhbz#1778516) - add weak depends on ipxe-roms-qemu and qemu-system-x86-core - build flask/xenpolicy * Fri Feb 28 2020 umeabot <umeabot> 4.13.0-13.mga8 + Revision: 1551376 - Rebuild for ocaml 4.10.0 final * Thu Feb 20 2020 umeabot <umeabot> 4.13.0-12.mga8 + Revision: 1546201 - Mageia 8 Mass Rebuild * Fri Jan 31 2020 pterjan <pterjan> 4.13.0-11.mga8 + Revision: 1486154 - Fix build on armv8l machines (by using arm32 rather than arm64) * Fri Jan 31 2020 tv <tv> 4.13.0-10.mga8 + Revision: 1486013 - use linux32 to hide the 64bitness of the build host & not build ACPI stuff - enable do disable ocaml support if needed * Fri Jan 31 2020 tv <tv> 4.13.0-9.mga8 + Revision: 1485972 - use --disable-qemu-traditional on armv7 - restore XEN_TARGET_ARCH=arm32 * Fri Jan 31 2020 tv <tv> 4.13.0-8.mga8 + Revision: 1485925 - try to workaround armv7 failing on 64bit aarch64 build host * Fri Jan 31 2020 tv <tv> 4.13.0-7.mga8 + Revision: 1485849 - try to workaround armv7 build failure * Tue Jan 28 2020 tv <tv> 4.13.0-6.mga8 + Revision: 1484597 - tag some files as %config - move oxenstored into ocaml-xen - update %descr * Thu Jan 23 2020 tv <tv> 4.13.0-5.mga8 + Revision: 1482247 - build fixes for OCaml 4.10.0 and gcc 10 * Fri Jan 17 2020 pterjan <pterjan> 4.13.0-4.mga8 + Revision: 1481223 - Attempt again to fix armv7hl build * Fri Jan 17 2020 pterjan <pterjan> 4.13.0-3.mga8 + Revision: 1481222 - Attempt to fix armv7hl build * Wed Jan 15 2020 tv <tv> 4.13.0-2.mga8 + Revision: 1478033 - arm: a CPU may speculate past the ERET instruction [XSA-312] - add weak requires for perl (/etc/xen/scripts/locking.sh) * Fri Dec 20 2019 tv <tv> 4.13.0-1.mga8 + Revision: 1469043 - update config file - update to 4.13.0 - remove patches now included or superceded upstream - adjust xen.hypervisor.config - /usr/sbin/xen-tmem-list-parse has been removed - pkgconfig files have moved to %{_libdir}/pkgconfig - /usr/sbin/xen-ucode has been added (x86 only) - fix build with OCaml 4.09.0 * Thu Dec 12 2019 tv <tv> 4.12.1-6.mga8 + Revision: 1466026 - denial of service in find_next_bit() [XSA-307, CVE-2019-19581, CVE-2019-19582] (#1782211) - denial of service in HVM/PVH guest userspace code [XSA-308, CVE-2019-19583] (#1782206) - privilege escalation due to malicious PV guest [XSA-309, CVE-2019-19578] (#1782210) - Further issues with restartable PV type change operations [XSA-310, CVE-2019-19580] (#1782207) - vulnerability in dynamic height handling for AMD IOMMU pagetables [XSA-311, CVE-2019-19577] (#1782208) - add patches needed to apply XSA-311 * Wed Nov 27 2019 tv <tv> 4.12.1-5.mga8 + Revision: 1463124 - Device quarantine for alternate pci assignment methods [XSA-306] * Wed Nov 13 2019 tv <tv> 4.12.1-4.mga8 + Revision: 1459858 - add missing XSA-299 patches - x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] - TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135] * Sun Nov 03 2019 tv <tv> 4.12.1-3.mga8 + Revision: 1457483 - VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] - missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] - Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (#1767726) - add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] - passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (#1767731) - ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422] * Sun Sep 15 2019 tv <tv> 4.12.1-2.mga8 + Revision: 1441507 - rebuild with new rpm linked perl-URPM * Fri Aug 09 2019 tv <tv> 4.12.1-1.mga8 + Revision: 1428475 - new release * Thu Jul 04 2019 tv <tv> 4.12.0-3.mga8 + Revision: 1418400 - Unlimited Arm Atomics Operations [XSA-295] (#1720760) - some debug files are now properly packaged in debuginfo rpms - fix HVM DomU boot on some chipsets - fix expected FTBFS with Python 3.8 (#1704807) * Wed May 15 2019 tv <tv> 4.12.0-2.mga7 + Revision: 1397871 - Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091] - additional patches so above applies cleanly * Sun Apr 14 2019 tv <tv> 4.12.0-1.mga7 + Revision: 1389949 - reeable i586 but disable cross compiling hypervisor for now - fix filelist for aarch64 - temporary disable i586 - update to 4.12.0 - remove patches for issues now fixed upstream - replace xen.use.fedora.ipxe.patch with --with-system-ipxe - drop xen.glibcfix.patch xen.gcc8.temp.fix.patch which are no longer needed - rediff patches - xen.hypervisor.config refresh - kdd is now xen-kdd, xenmon.py is now xenmon, fsimage.so is now xenfsimage.so fs libdir is now xenfsimage libdir - xen-ringwatch xen-bugtool have been dropped - remove remaining traces of efiming and efi_flags logic - switch from python2 to python3 * Wed Mar 06 2019 tv <tv> 4.11.1-1.mga7 + Revision: 1372036 - enable to disable building docs - update to 4.11.1 - construct ovmf.bin from edk2-ovmf package (rhbz#1656651) - xen: various flaws (rhbz#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294] remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch
/boot/xen /boot/xen-4 /boot/xen-4.14 /boot/xen-4.14.1 /boot/xen-4.14.1.config /boot/xenpolicy-4.14.1 /usr/lib/debug/.build-id /usr/lib/debug/.build-id/f3 /usr/lib/debug/.build-id/f3/8d1c356268981e7ec87c1d00715ceb86b6ac63 /usr/lib/debug/.build-id/f3/8d1c356268981e7ec87c1d00715ceb86b6ac63.debug /usr/lib/debug/xen-syms-4.14.1 /usr/lib/debug/xen-syms-4.14.1.map
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 14:57:28 2024