|
|
|
|
Changelog for xen-libs-4.10.0-8.fc28.i686.rpm :
* Fri Mar 09 2018 Michael Young - 4.10.0-8- fix safe-strings patch for OCaml 4.0.6 * Sun Mar 04 2018 Michael Young - 4.10.0-7- avoid building parts of xen twice- hypervisor built with -fcf-protection doesn\'t work on x86_64 * Wed Feb 28 2018 Michael Young - 4.10.0-6- update patch for XPTI mitigation for XSA-254- add Branch Target Injection (BTI) mitigation for XSA-254- DoS via non-preemptable L3/L4 pagetable freeing [XSA-252, CVE-2018-7540] (#1549568)- grant table v2 -> v1 transition may crash Xen [XSA-255, CVE-2018-7541] (#1549570)- x86 PVH guest without LAPIC may DoS the host [XSA-256, CVE-2018-7542] (#1549572)- further build issue fixes with gcc8 (some temporary workarounds)- -mcet and -fcf-protection aren\'t recognized in hypervisor build x86_64 on i686 either * Fri Feb 23 2018 Michael Young - fix some build issues with gcc8 * Fri Feb 09 2018 Igor Gnatenko - 4.10.0-5- Escape macros in %changelog * Sun Feb 04 2018 Igor Gnatenko - 4.10.0-4- Switch to %ldconfig_scriptlets * Sun Jan 14 2018 Michael Young - 4.10.0-3- fix typo in annobin build fix- add 4.10.0-shim-comet-3 shim mitigation for [XSA-254, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754] + build fixes XSA-253 patch included in comet patches CONFIG_XEN_GUEST line needed xen.hypervisor.config for comet delay and adjust xen.use.fedora.ipxe.patch and xen.fedora.efi.build.patch package /usr/lib/xen/boot/xen-shim- add Xen page-table isolation (XPTI) mitigation for XSA-254- -fstack-clash-protection isn\'t recognized in hypervisor build x86_64 on i686- __python macro is no longer set, replace by /usr/bin/python2 * Thu Jan 04 2018 Michael Young - 4.10.0-2- x86: memory leak with MSR emulation [XSA-253, CVE-2018-5244] (#1531110) * Mon Dec 18 2017 Michael Young - 4.10.0-1- renumber patches- fix build with OCaml 4.0.6 (#1526703)- disable annobin for x86_64 hypervisor to allow it to build * Mon Dec 18 2017 Michael Young - allow building without hypervisor, docs, qemu-xen-traditional or stubdoms- fix build without ocaml * Mon Dec 18 2017 Michael Young - update to 4.10.0 adjust xen.use.fedora.ipxe.patch update xen.hypervisor.config remove patches for issues now fixed upstream tapdisk * qcow-create qcow2raw img2qcow utilities have been dropped lock-util tap-ctl td-util vhd- * utilities have been dropped package xen-diag and extra manual pages- iasl BuildRequires is now in acpica-tools * Tue Dec 12 2017 Michael Young - 4.9.1-4- another patch related to the [XSA-240, CVE-2017-15595] issue- xen: various flaws (#1525018) x86 PV guests may gain access to internally used page [XSA-248, CVE-2017-17566] broken x86 shadow mode refcount overflow check [XSA-249, CVE-2017-17563] improper x86 shadow mode refcount error handling [XSA-250, CVE-2017-17564] improper bug check in x86 log-dirty handling [XSA-251, CVE-2017-17565] * Sat Dec 02 2017 Richard W.M. Jones - 4.9.1-3- OCaml 4.06.0 rebuild. * Tue Nov 28 2017 Michael Young - 4.9.1-2- xen: various flaws (#1518214) x86: infinite loop due to missing PoD error checking [XSA-246, CVE-2017-17044] Missing p2m error checking in PoD code [XSA-247, CVE-2017-17045] * Thu Nov 23 2017 Michael Young - 4.9.1-1- update to 4.9.1 (#1515818) adjust xen.use.fedora.ipxe.patch and qemu.git-fec5e8c92becad223df9d972770522f64aafdb72.patch remove patches for issues now fixed upstream and parts of xen.gcc7.fix.patch update xen.hypervisor.config- update Source0 location * Wed Nov 15 2017 Michael Young - 4.9.0-14- fix an issue in patch for [XSA-240, CVE-2017-15595] that might be a security issue- fix for [XSA-243, CVE-2017-15592] could cause hypervisor crash (DOS) * Thu Oct 26 2017 Michael Young - 4.9.0-13- pin count / page reference race in grant table code [XSA-236, CVE-2017-15597] (#1506693) * Thu Oct 12 2017 Michael Young - 4.9.0-12- xen: various flaws (#1501391) multiple MSI mapping issues on x86 [XSA-237, CVE-2017-15590] DMOP map/unmap missing argument checks [XSA-238, CVE-2017-15591] hypervisor stack leak in x86 I/O intercept code [XSA-239, CVE-2017-15589] Unlimited recursion in linear pagetable de-typing [XSA-240, CVE-2017-15595] Stale TLB entry due to page type release race [XSA-241, CVE-2017-15588] page type reference leak on x86 [XSA-242, CVE-2017-15593] x86: Incorrect handling of self-linear shadow mappings with translated guests [XSA-243, CVE-2017-15592] x86: Incorrect handling of IST settings during CPU hotplug [XSA-244, CVE-2017-15594] * Sun Oct 01 2017 Michael Young - 4.9.0-11- ARM: Some memory not scrubbed at boot [XSA-245, CVE-2017-17046] (#1499843)- Qemu: vga: reachable assert failure during during display update [CVE-2017-13673] (#1486591)- Qemu: vga: OOB read access during display update [CVE-2017-13672] (#1486562) * Tue Sep 12 2017 Michael Young - 4.9.0-10- xen: various flaws (#1490884) Missing NUMA node parameter verification [XSA-231, CVE-2017-14316] Missing check for grant table [XSA-232, CVE-2017-14318] cxenstored: Race in domain cleanup [XSA-233, CVE-2017-14317] insufficient grant unmapping checks for x86 PV guests [XSA-234, CVE-2017-14319] * Tue Aug 29 2017 Michael Young - 4.9.0-9- Qemu: usb: ohci: infinite loop due to incorrect return value [CVE-2017-9330] (#1457698)- Qemu: nbd: segmentation fault due to client non-negotiation [CVE-2017-9524] (#1460173)- Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort [CVE-2017-10664] (#1466466)- Qemu: exec: oob access during dma operation [CVE-2017-11334] (#1471640)- revised full fix for XSA-226 (regressed 32-bit Dom0 or backend domains) * Wed Aug 23 2017 Michael Young - 4.9.0-8- full fix for XSA-226, replacing workaround- drop conflict of xendomain and libvirtd as can cause problems (#1398590)- add-to-physmap error paths fail to release lock on ARM [XSA-235] (#1484476)- Qemu: audio: host memory leakage via capture buffer [CVE-2017-8309] (#1446521)- Qemu: input: host memory leakage via keyboard events [CVE-2017-8379] (#1446561) * Tue Aug 15 2017 Michael Young - 4.9.0-7- xen: various flaws (#1481765) multiple problems with transitive grants [XSA-226, CVE-2017-12135] x86: PV privilege escalation via map_grant_ref [XSA-227, CVE-2017-12137] grant_table: Race conditions with maptrack free list handling [XSA-228, CVE-2017-12136] grant_table: possibly premature clearing of GTF_writing / GTF_reading [XSA-230, CVE-2017-12855] * Sat Aug 12 2017 Michael Young - 4.9.0-6- files in /usr/lib/debug are not just in efi builds * Sat Aug 12 2017 Michael Young - 4.9.0-5- rebuild for ocaml * Thu Aug 03 2017 Fedora Release Engineering - 4.9.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Mon Jul 31 2017 Michael Young - 4.9.0-3- Qemu: serial: host memory leakage 16550A UART emulation [CVE-2017-5579] (#1416162)- Qemu: display: cirrus: OOB read access issue [CVE-2017-7718] (#1443444)- package some files now in /usr/lib/debug * Thu Jul 27 2017 Fedora Release Engineering - 4.9.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Jul 14 2017 Michael Young - 4.9.0-1- update to 4.9.0 (#1465707) adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch and xen.canonicalize.patch remove patches for issues now fixed upstream and parts of xen.gcc7.fix.patch package new manual pages- make python dependencies explicitly version 2- switch xen-doc subpackage to noarch- require perl-interpreter instead of perl for packaging policy change * Tue Jun 27 2017 Richard W.M. Jones - 4.8.1-5- Rebuild for OCaml 4.04.2. * Tue Jun 20 2017 Michael Young - 4.8.1-4- xen: various flaws (#1463247) blkif responses leak backend stack data [XSA-216] page transfer may allow PV guest to elevate privilege [XSA-217] Races in the grant table unmap code [XSA-218] x86: insufficient reference counts during shadow emulation [XSA-219] x86: PKRU and BND * leakage between vCPU-s [XSA-220] NULL pointer deref in event channel poll [XSA-221] (#1463231) stale P2M mappings due to insufficient error checking [XSA-222] ARM guest disabling interrupt may crash Xen [XSA-223] grant table operations mishandle reference counts [XSA-224] arm: vgic: Out-of-bound access when sending SGIs [XSA-225] * Mon May 15 2017 Richard W.M. Jones - 4.8.1-3- Rebuild for OCaml 4.04.1. * Wed May 03 2017 Michael Young - 4.8.1-2- xen: various flaws (#1447345) x86: 64bit PV guest breakout via pagetable use-after-mode-change [XSA-213] grant transfer allows PV guest to elevate privileges [XSA-214] * Mon Apr 10 2017 Michael Young - 4.8.1-1- update to xen-4.8.1 adjust xen.use.fedora.ipxe.patch, qemu.trad.bug1399055.patch and qemu.git-4299b90e9ba9ce5ca9024572804ba751aa1a7e70.patch remove upstream patches renumber patches * Wed Apr 05 2017 Michael Young - 4.8.0-13- gcc7 build fix for arm * Tue Apr 04 2017 Michael Young - 4.8.0-12- gcc7 build fix for i686- proposed upstream fix for [XSA-206] build issue- Qemu: 9pfs: host memory leakage via v9fs_create [CVE-2017-7377] (#1437873)- x86: broken check in memory_exchange() permits PV guest breakout [XSA-212, CVE-2017-7228] (#1438804) * Wed Mar 29 2017 Michael Young - 4.8.0-11- add additional patch for [XSA-206] (#1436690)- gcc7 build fix for [XSA-206] * Tue Mar 28 2017 Michael Young - 4.8.0-10- xenstore denial of service via repeated update [XSA-206] (#1436690) * Thu Mar 16 2017 Michael Young - 4.8.0-9- Cirrus VGA Heap overflow via display refresh [XSA-211, CVE-2016-9603] (#1432041)- Qemu: usb: an infinite loop issue in ohci_service_ed_list [CVE-2017-6505] (#1429433) * Wed Mar 01 2017 Michael Young - 4.8.0-8- make sure efi isn\'t built on i686 * Wed Mar 01 2017 Michael Young - 4.8.0-7- actually include one of the XSA-209 patches- mingw64-binutils no longer needed for building efi for x86_64 on fc26+- canonicalize is now a maths function in ISO C so rename use in xenstore (#1422460) * Sat Feb 25 2017 Michael Young - 4.8.0-6- update patches for XSA-209- arm: memory corruption when freeing p2m pages [XSA-210] (#1426327) * Wed Feb 22 2017 Michael Young - 4.8.0-5- cirrus_bitblt_cputovideo does not check if memory region is safe [XSA-209, CVE-2017-2620] (#1425420) * Wed Feb 15 2017 Michael Young - 4.8.0-4- patch to build with gcc7- memory leak when destroying guest without PT devices [XSA-207] (#1422492)- update patches for XSA-208 after upstream revision (no functional change) * Fri Feb 10 2017 Michael Young - 4.8.0-3- Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive [CVE-2016-9776]- Qemu: audio: memory leakage in ac97 [CVE-2017-5525] (#1414111)- Qemu: audio: memory leakage in es1370 device [CVE-2017-5526] (#1414211)- oob access in cirrus bitblt copy [XSA-208, CVE-2017-2615] (#1418243) * Wed Dec 21 2016 Michael Young - 4.8.0-2- qemu ioport array overflow [XSA-199, CVE-2016-9637]- two security flaws (#1406840) x86 PV guests may be able to mask interrupts [XSA-202, CVE-2016-10024] x86: missing NULL pointer check in VMFUNC emulation [XSA-203, CVE-2016-10025]- x86: Mishandling of SYSCALL singlestep during emulation [XSA-204, CVE-2016-10013] (#1406260) * Wed Dec 07 2016 Michael Young - 4.8.0-1- update to xen-4.8.0 (#1401490) includes fix for [XSA-201, CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch, xen.fedora.systemd.patch and xen.hypervisor.config use upstream xendriverdomain systemd script remove upstream patches xenstored. *socket and gtrace * are no longer built renumber patches- add armv7hl and aarch64 builds (experimental in Fedora)- qemu: Divide by zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921, CVE-2016-9922]- Qemu: 9pfs: memory leakage via proxy/handle callbacks (#1402278) * Tue Nov 22 2016 Michael Young - 4.7.1-3- xen : various security flaws (#1397383) x86 null segments not always treated as unusable [XSA-191, CVE-2016-9386] x86 task switch to VM86 mode mis-handled [XSA-192, CVE-2016-9382] x86 segment base write emulation lacking canonical address checks [XSA-193, CVE-2016-9385] guest 32-bit ELF symbol table load leaking host data [XSA-194, CVE-2016-9384] x86 64-bit bit test instruction emulation broken [XSA-195, CVE-2016-9383] x86 software interrupt injection mis-handled [XSA-196, CVE-2016-9377, CVE-2016-9378] qemu incautious about shared ring processing [XSA-197, CVE-2016-9381] delimiter injection vulnerabilities in pygrub [XSA-198, CVE-2016-9379, CVE-2016-9380] * Mon Nov 14 2016 Richard W.M. Jones - 4.7.1-2- Rebuild for OCaml 4.04.0. * Mon Nov 07 2016 Michael Young - 4.7.1-1- update to xen-4.7.1 adjust xen.use.fedora.ipxe.patch remove upstream patches * Sat Nov 05 2016 Richard W.M. Jones - 4.7.0-8- Rebuild for OCaml 4.04.0. * Sun Oct 30 2016 Michael Young - 4.7.0-7- Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch [CVE-2016-8576] (#1382323)- Qemu: 9pfs: host memory leakage in v9fs_read [CVE-2016-8577] (#1383287)- Qemu: 9pfs: allocate space for guest originated empty strings [CVE-2016-8578] (#1383293)- Qemu: char: divide by zero error in serial_update_parameters [CVE-2016-8669] (#1384910)- Qemu: net: rtl8139: infinite loop while transmit in C+ mode [CVE-2016-8910] (#1388048)- qemu-kvm: Infinite loop vulnerability in a9_gtimer_update() (#1388301)- Qemu: 9pfs: information leakage via xattr [CVE-2016-9103] (#1389644)- Qemu: 9pfs: memory leakage when creating extended attribute [CVE-2016-9102] (#1389552)- Qemu: 9pfs: memory leakage in v9fs_link [CVE-2016-9105] (#1389705)- Qemu: 9pfs: memory leakage in v9fs_write [CVE-2016-9106] (#1389714)- Qemu: 9pfs: integer overflow leading to OOB access [CVE-2016-9104] (#1389689) * Tue Oct 04 2016 Michael Young - 4.7.0-6- enable xen livepatch in hypervisor via .config file- qemu-kvm: Directory traversal flaw in 9p virtio backend [CVE-2016-7116] (#1371400)- qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [CVE-2016-7161] (#1379299)- CR0.TS and CR0.EM not always honored for x86 HVM guest [XSA-190, CVE-2016-7777] (#1381576) * Thu Sep 08 2016 Michael Young - 4.7.0-5- pandoc (documentation) has dependency issues again on F25 * Thu Sep 08 2016 Michael Young - 4.7.0-4- fix build problem with glibc 2.24- x86: Disallow L3 recursive pagetable for 32-bit PV guests [XSA-185, CVE-2016-7092] (#1374470)- x86: Mishandling of instruction pointer truncation during emulation [XSA-186, CVE-2016-7093] (#1374471)- x86 HVM: Overflow of sh_ctxt->seg_reg[] [XSA-187, CVE-2016-7094] (#1374473) * Wed Aug 10 2016 Michael Young - 4.7.0-3- replace xendriverdomain sysvinit script with a systemd file (#1361324) * Wed Jul 27 2016 Michael Young - 4.7.0-2- x86: Privilege escalation in PV guests [XSA-182, CVE-2016-6258] (#1360358)- x86: Missing SMAP whitelisting in 32-bit exception / event delivery [XSA-183, CVE-2016-6259] (#1360359)- virtio: unbounded memory allocation issue [XSA-184, CVE-2016-5403] (#1360831)- Qemu: scsi: esp: OOB write access in esp_do_dma [CVE-2016-6351] (#1360599) * Fri Jul 22 2016 Michael Young - 4.7.0-1- update to xen-4.7.0 adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch, qemu.CVE-2016-2391.patch, qemu.CVE-2016-4002.patch and qemu.bug1330513.patch package extra files /usr/bin/xen-cpuid /usr/sbin/xen-livepatch /boot/xen *.config remove upstream patches- set RPM_OPT_FLAGS options in command line rather than patches, similarly remove xen.64.bit.hyp.on.ix86.patch, also xen.gcc5.fix.patch and xen.gcc6.fix.patch are no longer needed- drop optional sysv support, make systemd unconditional- renumber patches * Tue Jul 19 2016 Fedora Release Engineering - 4.6.3-3- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages * Sun Jul 10 2016 Michael Young - 4.6.3-2- perl build requires change for F25- allow bigger xs_watch pthread stacksize for Fedora qemu * Thu Jun 23 2016 Michael Young - 4.6.3-1- update to xen-4.6.3 adjust xen.use.fedora.ipxe.patch, xen.fedora.crypt.patch and xen.gcc6.fix.patch remove upstream patches * Mon Jun 13 2016 Michael Young - 4.6.1-12- fix systemd build issue on F25- Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO [CVE-2016-5338] (#1343323)- Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info [CVE-2016-5337] (#1343909) * Fri Jun 03 2016 Michael Young - 4.6.1-11- fix for CVE-2016-2858 doesn\'t build with qemu-xen enabled- Unsanitised guest input in libxl device handling code [XSA-175, CVE-2016-4962] (#1342132)- Unsanitised driver domain input in libxl device handling [XSA-178, CVE-2016-4963] (#1342131)- arm: Host crash caused by VMID exhaust [XSA-181] (#1342530)- Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine [CVE-2016-4454] (#1340741)- Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine [CVE-2016-4453] (#1340746)- Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd [CVE-2016-5238] (#1341931) * Sat May 28 2016 Michael Young - 4.6.1-10- cleaner way to set kernel module load list- Unrestricted qemu logging [XSA-180, CVE-2014-3672] (#1339125)- Qemu: scsi: esp: OOB write while writing to \'s->cmdbuf\' in esp_reg_write [CVE-2016-4439] (#1337502)- Qemu: scsi: esp: OOB write while writing to \'s->cmdbuf\' in get_cmd [CVE-2016-4441] (#1337505)- Qemu: scsi: megasas: out-of-bounds write while setting controller properties [CVE-2016-5106] (#1339578)- Qemu: scsi: megasas: stack information leakage while reading configuration [CVE-2016-5105] (#1339583) * Tue May 17 2016 Michael Young - 4.6.1-9- xen no longer crashes when built without -fno-tree-coalesce-vars- in systemd only try to load kernel modules that are in Fedora (#1291089)- x86 software guest page walk PS bit handling flaw [XSA-176, CVE-2016-4480] (#1332657) * Tue May 10 2016 Michael Young - 4.6.1-8- create link to /usr/bin/qemu-system-i386 from /usr/lib/xen/bin for back compatibility and for virt-manager (#1334554) (#1299745) * Mon May 09 2016 Michael Young - 4.6.1-7- qemu-kvm: Integer overflow in SDL when creating too wide screen (#1330513)- QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks [XSA-179, CVE-2016-3710, CVE-2016-3712] (#1334346) (#1334343) * Mon Apr 18 2016 Michael Young - 4.6.1-6- x86 shadow pagetables: address width overflow [XSA-173, CVE-2016-3960] (#1328118)- Qemu: net: buffer overflow in stellaris_enet emulator [CVE-2016-4001] (#1325886)- Qemu: net: buffer overflow in MIPSnet emulator [CVE-2016-4002] (#1326084)- qemu: Infinite loop vulnerability in usb_ehci using siTD process [CVE-2016-4037] (#1328081) (supercedes CVE-2015-8558 patch) * Sun Apr 03 2016 Michael Young - 4.6.1-5- build with -fno-tree-coalesce-vars to avoid a crash on boot * Tue Mar 29 2016 Michael Young - 4.6.1-4- fix for build problems on F25- broken AMD FPU FIP/FDP/FOP leak workaround [XSA-172, CVE-2016-3158, CVE-2016-3159] (#1321944) * Mon Mar 07 2016 Michael Young - 4.6.1-3- pandoc should work again- Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 (#1296080)- Qemu: i386: null pointer dereference in vapic_write() CVE-2016-1922 (#1292767)- qemu: Stack-based buffer overflow in megasas_ctrl_get_info CVE-2015-8613 (#1293305)- qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() CVE-2016-1981 (#1299996)- Qemu: usb ehci out-of-bounds read in ehci_process_itd (#1300235)- Qemu: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198 (#1303135)- Qemu: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841 (#1304048)- Qemu: usb: integer overflow in remote NDIS control message handling CVE-2016-2538 (#1305816)- Qemu: usb: null pointer dereference in remote NDIS control message handling CVE-2016-2392 (#1307116)- Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference CVE-2016-2391 (#1308882)- Qemu: net: out of bounds read in net_checksum_calculate() CVE-2016-2857 (#1309565)- Qemu: OOB access in address_space_rw leads to segmentation fault CVE-2015-8817 CVE-2015-8818 (#1313273)- Qemu: rng-random: arbitrary stack based allocation leading to corruption CVE-2016-2858 (#1314678) * Wed Feb 17 2016 Michael Young - 4.6.1-2- x86: inconsistent cachability flags on guest mappings [XSA-154, CVE-2016-2270] (#1309324)- VMX: guest user mode may crash guest with non-canonical RIP [XSA-170, CVE-2016-2271] (#1309323) * Fri Feb 12 2016 Michael Young - 4.6.1-1- update to xen-4.6.1 adjust xen.use.fedora.ipxe.patch remove upstream patches- don\'t build with pandoc (documentation) due to dependency issues * Mon Feb 08 2016 Michael Young - 4.6.0-12- revise patch to build with gcc6 * Sun Feb 07 2016 Michael Young - 4.6.0-11- patch to build with gcc6 * Fri Feb 05 2016 Fedora Release Engineering - 4.6.0-10- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jan 20 2016 Michael Young - 4.6.0-9- PV superpage functionality missing sanity checks [XSA-167, CVE-2016-1570] (#1300345)- VMX: intercept issue with INVLPG on non-canonical address [XSA-168, CVE-2016-1571] (#1300342)- Qemu: pci: null pointer dereference issue CVE-2015-7549 (#1291139)- qemu: DoS by infinite loop in ehci_advance_state CVE-2015-8558 (#1291310)- qemu: Heap-based buffer overrun during VM migration CVE-2015-8666 (#1294028)- Qemu: net: vmxnet3: incorrect l2 header validation leads to a crash via assert(2) call CVE-2015-8744 (#1295441)- qemu: Support reading IMR registers on bar0 CVE-2015-8745 (#1295443)- Qemu: net: vmxnet3: host memory leakage CVE-2015-8567 CVE-2015-8568 (#1289817)- Qemu: net: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743 (#1294788) * Mon Dec 21 2015 Michael Young - 4.6.0-8- x86: unintentional logging upon guest changing callback method [XSA-169, CVE-2015-8615] (#1293675) * Thu Dec 17 2015 Michael Young - 4.6.0-7- four security updates (#1292439) paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166] * Thu Dec 10 2015 Michael Young - 4.6.0-6- eepro100: Prevent two endless loops [CVE-2015-8345] (#1285215)- pcnet: fix rx buffer overflow [CVE-2015-7512] (#1286563)- ui: vnc: avoid floating point exception [CVE-2015-8504] (#1289544)- additional patch for [XSA-158, CVE-2015-8338] * Tue Dec 08 2015 Michael Young - 4.6.0-5- three security updates (#1289568) long running memory operations on ARM [XSA-158, CVE-2015-8338] XENMEM_exchange error handling issues [XSA-159, CVE-2015-8339, CVE-2015-8340] libxl leak of pv kernel and initrd on error [XSA-160, CVE-2015-8341] * Sun Dec 06 2015 Michael Young - 4.6.0-4- heap buffer overflow vulnerability in pcnet emulator [XSA-162, CVE-2015-7504] (#1286544)- virtual PMU is unsupported [XSA-163] (#1285351) * Tue Nov 10 2015 Michael Young - 4.6.0-3- x86: CPU lockup during exception delivery [XSA-156, CVE-2015-5307, CVE-2015-8104] (#1279689, #1279690)- silence 2 macro in comment warnings * Thu Oct 29 2015 Michael Young - 4.6.0-2- nine security updates (#1276344) arm: Host crash when preempting a multicall [XSA-145, CVE-2015-7812] arm: various unimplemented hypercalls log without rate limiting [XSA-146, CVE-2015-7813] arm: Race between domain destruction and memory allocation decrease [XSA-147, CVE-2015-7814] x86: Uncontrolled creation of large page mappings by PV guests [XSA-148, CVE-2015-7835] leak of main per-domain vcpu pointer array [XSA-149, CVE-2015-7969] x86: Long latency populate-on-demand operation is not preemptible [XSA-150, CVE-2015-7970] x86: leak of per-domain profiling-related vcpu pointer array [XSA-151, CVE-2015-7969] x86: some pmu and profiling hypercalls log without rate limiting [XSA-152, CVE-2015-7971] x86: populate-on-demand balloon size inaccuracy can crash guests [XSA-153, CVE-2015-7972] * Sun Oct 11 2015 Michael Young - 4.6.0-1- update to xen-4.6.0 xen-dumpdir.patch no longer needed adjust xen.use.fedora.ipxe.patch and xen.fedora.systemd.patch remove upstream patches add build fix for blktap2 to gcc5 fixes udev rules have now gone as have xen-syms in /boot package extra files /etc/rc.d/init.d/xendriverdomain /usr/bin/xenalyze /usr/sbin/xentrace /usr/sbin/xentrace_setsize /usr/share/pkgconfig/ *.pc- renumber patches- add build-requires for pandoc and discount to improve docs * Sat Oct 10 2015 Michael Young - 4.5.1-13- patch CVE-2015-7295 for qemu-xen-traditional as well * Thu Oct 08 2015 Michael Young - 4.5.1-12- Qemu: net: virtio-net possible remote DoS [CVE-2015-7295] (#1264392) * Tue Oct 06 2015 Michael Young - 4.5.1-11- create a symbolic link so libvirt VMs from xen 4.0 to 4.4 can still find qemu-dm (#1268176), (#1248843) * Sun Sep 27 2015 Michael Young - 4.5.1-10- ide: fix ATAPI command permissions [CVE-2015-6855] (#1261792) * Sat Sep 26 2015 Michael Young - 4.5.1-9- ui/vnc: limit client_cut_text msg payload size [CVE-2015-5239] (#1259504)- e1000: Avoid infinite loop in processing transmit descriptor [CVE-2015-6815] (#1260224)- net: add checks to validate ring buffer pointers [CVE-2015-5279] (#1263278)- net: avoid infinite loop when receiving packets [CVE-2015-5278] (#1263281)- qemu buffer overflow in virtio-serial [CVE-2015-5745] (#1251354) * Tue Sep 15 2015 Michael Young - 4.5.1-8- libxl fails to honour readonly flag on disks with qemu-xen [XSA-142, CVE-2015-7311] (#1257893) (final patch version) * Tue Sep 01 2015 Michael Young - 4.5.1-7- printk is not rate-limited in xenmem_add_to_physmap_one (ARM) [XSA-141, CVE-2015-6654] * Mon Aug 03 2015 Michael Young - 4.5.1-6- Use after free in QEMU/Xen block unplug protocol [XSA-139, CVE-2015-5166] (#1249757)- QEMU leak of uninitialized heap memory in rtl8139 device model [XSA-140, CVE-2015-5165] (#1249756) * Sun Aug 02 2015 Michael Young - 4.5.1-5- QEMU heap overflow flaw while processing certain ATAPI commands. [XSA-138, CVE-2015-5154] (#1247142)- try again to fix xen-qemu-dom0-disk-backend.service (#1242246) * Thu Jul 30 2015 Richard W.M. Jones - 4.5.1-4- OCaml 4.02.3 rebuild. * Thu Jul 23 2015 Michael Young - 4.5.1-3- correct qemu location in xen-qemu-dom0-disk-backend.service (#1242246)- rebuild efi grub.cfg if it is present (#1239309)- re-enable remus by building with libnl3- modify gnutls use in line with Fedora\'s crypto policies (#1179352) * Tue Jul 07 2015 Michael Young - 4.5.1-2- xl command line config handling stack overflow [XSA-137, CVE-2015-3259] * Mon Jun 22 2015 Michael Young - 4.5.1-1- update to 4.5.1 adjust xen.use.fedora.ipxe.patch and xen.fedora.systemd.patch remove patches for issues now fixed upstream renumber patches * Fri Jun 19 2015 Richard W.M. Jones - 4.5.0-13- Rebuild for ocaml-4.02.2. * Fri Jun 19 2015 Fedora Release Engineering - 4.5.0-12- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Jun 16 2015 Michael Young - gcc 5 bug is fixed so remove workaround * Wed Jun 10 2015 Michael Young - 4.5.0-11- stubs-32.h is back, so revert to previous behaviour- Heap overflow in QEMU PCNET controller, allowing guest->host escape [XSA-135, CVE-2015-3209] (#1230537)- GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163]- vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164] * Wed Jun 03 2015 Michael Young - 4.5.0-10.1- stubs-32.h has gone from rawhide, put it back manually * Tue Jun 02 2015 Michael Young - 4.5.0-10- replace deprecated gnutls use in qemu-xen-traditional based on qemu-xen patches- work around a gcc 5 bug- Potential unintended writes to host MSI message data field via qemu [XSA-128, CVE-2015-4103] (#1227627)- PCI MSI mask bits inadvertently exposed to guests [XSA-129, CVE-2015-4104] (#1227628)- Guest triggerable qemu MSI-X pass-through error messages [XSA-130, CVE-2015-4105] (#1227629)- Unmediated PCI register access in qemu [XSA-131, CVE-2015-4106] (#1227631) * Wed May 13 2015 Michael Young - 4.5.0-9- Privilege escalation via emulated floppy disk drive [XSA-133, CVE-2015-3456] (#1221153) * Mon Apr 20 2015 Michael Young - 4.5.0-8- Information leak through XEN_DOMCTL_gettscinfo [XSA-132, CVE-2015-3340] (#1214037) * Tue Mar 31 2015 Michael Young - 4.5.0-7- Long latency MMIO mapping operations are not preemptible [XSA-125, CVE-2015-2752] (#1207741)- Unmediated PCI command register access in qemu [XSA-126, CVE-2015-2756] (#1307738)- Certain domctl operations may be abused to lock up the host [XSA-127, CVE-2015-2751] (#1207739) * Fri Mar 13 2015 Michael Young - 4.5.0-6- Additional patch for XSA-98 on arm64 * Thu Mar 12 2015 Michael Young - 4.5.0-5- HVM qemu unexpectedly enabling emulated VGA graphics backends [XSA-119, CVE-2015-2152] (#1201365) * Tue Mar 10 2015 Michael Young - 4.5.0-4- Hypervisor memory corruption due to x86 emulator flaw [XSA-123, CVE-2015-2151] (#1200398) * Thu Mar 05 2015 Michael Young - 4.5.0-3- Information leak via internal x86 system device emulation [XSA-121, CVE-2015-2044]- Information leak through version information hypercall [XSA-122, CVE-2015-2045]- fix a typo in xen.fedora.systemd.patch * Sat Feb 14 2015 Michael Young - 4.5.0-2- arm: vgic-v2: GICD_SGIR is not properly emulated [XSA-117, CVE-2015-0268]- allow certain warnings with gcc5 that would otherwise be treated as errors * Thu Jan 29 2015 Michael Young - 4.5.0-1- update to 4.5.0 xend has gone, so remove references to xend in spec file, sources and patches remove patches for issues now fixed upstream adjust some patches due to other code changes adjust spec file for renamed xenpolicy files set prefix back to /usr (default is now /usr/local) use upstream systemd files with patches for Fedora and selinux sysconfig for systemd is now in xencommons file for x86_64, files in /usr/lib64/xen/bin have moved to /usr/lib/xen/bin remus isn\'t built upstream systemd support needs systemd-devel to build replace new uint32 with uint32_t in ocaml file for ocaml-4.02.0 stop oxenstored failing when selinux is enforcing re-number patches- enable building pngs from fig files which is working again- fix oxenstored.service preset preuninstall script- arm: vgic: incorrect rate limiting of guest triggered logging [XSA-118, CVE-2015-1563] (#1187153) * Tue Jan 06 2015 Michael Young - 4.4.1-12- xen crash due to use after free on hvm guest teardown [XSA-116, CVE-2015-0361] (#1179221) * Tue Dec 16 2014 Michael Young - 4.4.1-11- fix xendomains issue introduced by xl migrate --debug patch * Mon Dec 08 2014 Michael Young - 4.4.1-10- p2m lock starvation [XSA-114, CVE-2014-9065]- fix build with --without xsm * Thu Nov 27 2014 Michael Young - 4.4.1-9- Excessive checking in compatibility mode hypercall argument translation [XSA-111, CVE-2014-8866]- Insufficient bounding of \"REP MOVS\" to MMIO emulated inside the hypervisor [XSA-112, CVE-2014-8867]- fix segfaults and failures in xl migrate --debug (#1166461) * Thu Nov 20 2014 Michael Young - 4.4.1-8- Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling [XSA-113, CVE-2014-9030] (#1166914) * Tue Nov 18 2014 Michael Young - 4.4.1-7- Insufficient restrictions on certain MMU update hypercalls [XSA-109, CVE-2014-8594] (#1165205)- Missing privilege level checks in x86 emulation of far branches [XSA-110, CVE-2014-8595] (#1165204)- Add fix for CVE-2014-0150 to qemu-dm, though it probably isn\'t exploitable from xen (#1086776) * Wed Oct 01 2014 Michael Young - 4.4.1-6- Improper MSR range used for x2APIC emulation [XSA-108, CVE-2014-7188] (#1148465) * Tue Sep 30 2014 Michael Young - 4.4.1-5- xen support is in 256k seabios binary when it exists (#1146260) * Tue Sep 23 2014 Michael Young - 4.4.1-4- Race condition in HVMOP_track_dirty_vram [XSA-104, CVE-2014-7154] (#1145736)- Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation [XSA-105, CVE-2014-7155] (#1145737)- Missing privilege level checks in x86 emulation of software interrupts [XSA-106, CVE-2014-7156] (#1145738) * Sun Sep 14 2014 Michael Young - 4.4.1-3- disable building pngs from fig files which is currently broken in rawhide * Tue Sep 09 2014 Michael Young - 4.4.1-2- Mishandling of uninitialised FIFO-based event channel control blocks [XSA-107, CVE-2014-6268] (#1140287)- delete a patch file that was dropped in the last update * Tue Sep 02 2014 Michael Young - 4.4.1-1- update to xen-4.4.1 remove patches for fixes that are now included- replace uint32 with uint32_t in ocaml file for ocaml-4.02.0 * Sun Aug 31 2014 Richard W.M. Jones - 4.4.0-14- Bump release and rebuild. * Sun Aug 31 2014 Richard W.M. Jones - 4.4.0-13- ocaml-4.02.0 final rebuild. * Sun Aug 24 2014 Richard W.M. Jones - 4.4.0-12- ocaml-4.02.0+rc1 rebuild. * Mon Aug 18 2014 Fedora Release Engineering - 4.4.0-11- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Tue Aug 12 2014 Michael Young - 4.4.0-10- Long latency virtual-mmu operations are not preemptible [XSA-97, CVE-2014-5146] * Thu Aug 07 2014 Richard W.M. Jones - 4.4.0-9- ocaml-4.02.0-0.8.git10e45753.fc22 rebuild. * Mon Jul 14 2014 Michael Young - 4.4.0-8- rebuild for ocaml update * Tue Jun 17 2014 Michael Young - 4.4.0-7- Hypervisor heap contents leaked to guest [XSA-100, CVE-2014-4021] (#1110316) with extra patch to avoid regression * Sun Jun 15 2014 Michael Young - 4.4.0-6- Fix two %if line typos in the spec file- Vulnerabilities in HVM MSI injection [XSA-96, CVE-2014-3967,CVE-2014-3968] (#1104583) * Sun Jun 08 2014 Fedora Release Engineering - 4.4.0-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon May 12 2014 Michael Young - 4.4.0-4- add systemd preset support (#1094938) * Wed Apr 30 2014 Michael Young - 4.4.0-3- HVMOP_set_mem_type allows invalid P2M entries to be created [XSA-92, CVE-2014-3124] (#1093315)- change -Wmaybe-uninitialized errors into warnings for gcc 4.9.0- fix a couple of -Wmaybe-uninitialized cases * Wed Mar 26 2014 Michael Young - 4.4.0-2- HVMOP_set_mem_access is not preemptible [XSA-89, CVE-2014-2599] (#1080425) * Sun Mar 23 2014 Michael Young - 4.4.0-1- update to xen-4.4.0- adjust xend.selinux.fixes.patch and xen-initscript.patch as xend has moved- don\'t build xend unless --with xend is specified- use --with-system-seabios option instead of xen.use.fedora.seabios.patch- update xen.use.fedora.ipxe.patch patch- replace qemu-xen.tradonly.patch with --with-system-qemu= option pointing to Fedora\'s qemu-system-i386- adjust xen.xsm.enable.patch and remove bits that are are no longer needed- blktapctrl is no longer built, remove related files- adjust files to be packaged; xsview has gone, add xen-mfndump and xenstore man pages- add another xenstore-write to xenstored.service and oxenstored.service- Add xen.console.fix.patch to fix issues running pygrub * Tue Feb 18 2014 Michael Young - 4.3.2-1- update to xen-4.3.2 includes fix for \"Excessive time to disable caching with HVM guests with PCI passthrough\" [XSA-60, CVE-2013-2212] (#987914)- remove patches that are now included * Wed Feb 12 2014 Michael Young - 4.3.1-10- use-after-free in xc_cpupool_getinfo() under memory pressure [XSA-88, CVE-2014-1950] (#1064491) * Thu Feb 06 2014 Michael Young - 4.3.1-9- integer overflow in several XSM/Flask hypercalls [XSA-84, CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894] Off-by-one error in FLASK_AVC_CACHESTAT hypercall [XSA-85, CVE-2014-1895] libvchan failure handling malicious ring indexes [XSA-86, CVE-2014-1896] (#1062335) * Fri Jan 24 2014 Michael Young - 4.3.1-8- PHYSDEVOP_{prepare,release}_msix exposed to unprivileged pv guests [XSA-87, CVE-2014-1666] (#1058398) * Thu Jan 23 2014 Michael Young - 4.3.1-7- Out-of-memory condition yielding memory corruption during IRQ setup [XSA-83, CVE-2014-1642] (#1057142) * Wed Dec 11 2013 Michael Young - 4.3.1-6- Disaggregated domain management security status update [XSA-77]- IOMMU TLB flushing may be inadvertently suppressed [XSA-80, CVE-2013-6400] (#1040024) * Mon Dec 02 2013 Michael Young - 4.3.1-5- HVM guest triggerable AMD CPU erratum may cause host hang [XSA-82, CVE-2013-6885] * Tue Nov 26 2013 Michael Young - 4.3.1-4- Lock order reversal between page_alloc_lock and mm_rwlock [XSA-74, CVE-2013-4553] (#1034925)- Hypercalls exposed to privilege rings 1 and 2 of HVM guests [XSA-76, CVE-2013-4554] (#1034923) * Thu Nov 21 2013 Michael Young - 4.3.1-3- Insufficient TLB flushing in VT-d (iommu) code [XSA-78, CVE-2013-6375] (#1033149) * Sat Nov 09 2013 Michael Young - 4.3.1-2- Host crash due to HVM guest VMX instruction execution [XSA-75, CVE-2013-4551] (#1029055) * Fri Nov 01 2013 Michael Young - 4.3.1-1- update to xen-4.3.1- Lock order reversal between page allocation and grant table locks [XSA-73, CVE-2013-4494] (#1026248) * Tue Oct 29 2013 Michael Young - 4.3.0-10- ocaml xenstored mishandles oversized message replies [XSA-72, CVE-2013-4416] (#1024450) * Thu Oct 24 2013 Michael Young - 4.3.0-9- systemd changes to allow oxenstored to be used instead of xenstored (#1022640) * Thu Oct 10 2013 Michael Young - 4.3.0-8- security fixes (#1017843) Information leak through outs instruction emulation in 64-bit PV guests [XSA-67, CVE-2013-4368] possible null dereference when parsing vif ratelimiting info [XSA-68, CVE-2013-4369] misplaced free in ocaml xc_vcpu_getaffinity stub [XSA-69, CVE-2013-4370] use-after-free in libxl_list_cpupool under memory pressure [XSA-70, CVE-2013-4371] qemu disk backend (qdisk) resource leak (Fedora doesn\'t build this qemu) [XSA-71, CVE-2013-4375] * Wed Oct 02 2013 Michael Young - 4.3.0-7- Set \"Domain-0\" label in xenstored.service systemd file to match xencommons init.d script.- security fixes (#1013748) Information leaks to HVM guests through I/O instruction emulation [XSA-63, CVE-2013-4355] Memory accessible by 64-bit PV guests under live migration [XSA-64, CVE-2013-4356] Information leak to HVM guests through fbld instruction emulation [XSA-66, CVE-2013-4361] * Wed Sep 25 2013 Michael Young - 4.3.0-6- Information leak on AVX and/or LWP capable CPUs [XSA-62, CVE-2013-1442] (#1012056) * Sat Sep 14 2013 Richard W.M. Jones - 4.3.0-5- Rebuild for OCaml 4.01.0. * Sun Aug 04 2013 Fedora Release Engineering - 4.3.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sat Jul 20 2013 Michael Young - 4.3.0-2 4.3.0-3- build a 64-bit hypervisor on ix86 * Tue Jul 16 2013 Michael Young - 4.3.0-1- update to xen-4.3.0- rebase xen.use.fedora.ipxe.patch- remove patches that are now included or no longer needed- add polarssl source needed for stubdom build- remove references to ia64 in spec file (dropped upstream)- don\'t build hypervisor on ix86 (dropped upstream)- tools want wget (or ftp) to build- build XSM FLASK support into hypervisor with policy file- add xencov_split and xencov to files packaged, remove pdf docs- tidy up rpm scripts and stop enabling systemctl services on upgrade now sysv is gone from Fedora- re-number patches * Wed Jun 26 2013 Michael Young - 4.2.2-10- XSA-45/CVE-2013-1918 breaks page reference counting [XSA-58, CVE-2013-1432] (#978383)- let pygrub handle set default=\"${next_entry}\" line in F19 (#978036)- libxl: Set vfb and vkb devid if not done so by the caller (#977987) * Mon Jun 24 2013 Michael Young - 4.2.2-9- add upstream patch for PCI passthrough problems after XSA-46 (#977310) * Fri Jun 21 2013 Michael Young - 4.2.2-8- xenstore permissions not set correctly by libxl [XSA-57, CVE-2013-2211] (#976779) * Fri Jun 14 2013 Michael Young - 4.2.2-7- Revised fixes for [XSA-55, CVE-2013-2194 CVE-2013-2195 CVE-2013-2196] (#970640) * Tue Jun 04 2013 Michael Young - 4.2.2-6- Information leak on XSAVE/XRSTOR capable AMD CPUs [XSA-52, CVE-2013-2076] (#970206)- Hypervisor crash due to missing exception recovery on XRSTOR [XSA-53, CVE-2013-2077] (#970204)- Hypervisor crash due to missing exception recovery on XSETBV [XSA-54, CVE-2013-2078] (#970202)- Multiple vulnerabilities in libelf PV kernel handling [XSA-55] (#970640) * Fri May 17 2013 Michael Young - 4.2.2-5- xend toolstack doesn\'t check bounds for VCPU affinity [XSA-56, CVE-2013-2072] (#964241) * Tue May 14 2013 Michael Young - 4.2.2-4- xen-devel should require libuuid-devel (#962833)- pygrub menu items can include too much text (#958524) * Thu May 02 2013 Michael Young - 4.2.2-3- PV guests can use non-preemptible long latency operations to mount a denial of service attack on the whole system [XSA-45, CVE-2013-1918] (#958918)- malicious guests can inject interrupts through bridge devices to mount a denial of service attack on the whole system [XSA-49, CVE-2013-1952] (#958919) * Fri Apr 26 2013 Michael Young - 4.2.2-2- fix further man page issues to allow building on F19 and F20 * Thu Apr 25 2013 Michael Young - 4.2.2-1- update to xen-4.2.2 includes fixes for [XSA-48, CVE-2013-1922] (Fedora doesn\'t use the affected code) passed through IRQs or PCI devices might allow denial of service attack [XSA-46, CVE-2013-1919] (#953568) SYSENTER in 32-bit PV guests on 64-bit xen can crash hypervisor [XSA-44, CVE-2013-1917] (#953569)- remove patches that are included in 4.2.2- look for libxl-save-helper in the right place- fix xl list -l output when built with yajl2- allow xendomains to work with xl saved images * Thu Apr 04 2013 Michael Young - 4.2.1-10- make xendomains systemd script executable and update it from init.d version (#919705)- Potential use of freed memory in event channel operations [XSA-47, CVE-2013-1920] * Thu Feb 21 2013 Michael Young - 4.2.1-9- patch for [XSA-36, CVE-2013-0153] can cause boot time crash * Fri Feb 15 2013 Michael Young - 4.2.1-8- patch for [XSA-38, CVE-2013-0215] was flawed * Fri Feb 08 2013 Michael Young - 4.2.1-7- BuildRequires for texlive-kpathsea-bin wasn\'t needed- correct gcc 4.8 fixes and follow suggestions upstream * Tue Feb 05 2013 Michael Young - 4.2.1-6- guest using oxenstored can crash host or exhaust memory [XSA-38, CVE-2013-0215] (#907888)- guest using AMD-Vi for PCI passthrough can cause denial of service [XSA-36, CVE-2013-0153] (#910914)- add some fixes for code which gcc 4.8 complains about- additional BuildRequires are now needed for pod2text and pod2man also texlive-kpathsea-bin for mktexfmt * Wed Jan 23 2013 Michael Young - correct disabling of xendomains.service on uninstall * Tue Jan 22 2013 Michael Young - 4.2.1-5- nested virtualization on 32-bit guest can crash host [XSA-34, CVE-2013-0151] also nested HVM on guest can cause host to run out of memory [XSA-35, CVE-2013-0152] (#902792)- restore status option to xend which is used by libvirt (#893699) * Thu Jan 17 2013 Michael Young - 4.2.1-4- Buffer overflow when processing large packets in qemu e1000 device driver [XSA-41, CVE-2012-6075] (#910845) * Thu Jan 10 2013 Michael Young - 4.2.1-3- fix some format errors in xl.cfg.pod.5 to allow build on F19 * Wed Jan 09 2013 Michael Young - 4.2.1-2- VT-d interrupt remapping source validation flaw [XSA-33, CVE-2012-5634] (#893568)- pv guests can crash xen when xen built with debug=y (included for completeness - Fedora builds have debug=n) [XSA-37, CVE-2013-0154] * Tue Dec 18 2012 Michael Young - 4.2.1-1- update to xen-4.2.1- remove patches that are included in 4.2.1- rebase xen.fedora.efi.build.patch * Thu Dec 13 2012 Richard W.M. Jones - 4.2.0-7- Rebuild for OCaml fix (RHBZ#877128). * Mon Dec 03 2012 Michael Young - 4.2.0-6- 6 security fixes A guest can cause xen to crash [XSA-26, CVE-2012-5510] (#883082) An HVM guest can cause xen to run slowly or crash [XSA-27, CVE-2012-5511] (#883084) A PV guest can cause xen to crash and might be able escalate privileges [XSA-29, CVE-2012-5513] (#883088) An HVM guest can cause xen to hang [XSA-30, CVE-2012-5514] (#883091) A guest can cause xen to hang [XSA-31, CVE-2012-5515] (#883092) A PV guest can cause xen to crash and might be able escalate privileges [XSA-32, CVE-2012-5525] (#883094) * Sat Nov 17 2012 Michael Young - 4.2.0-5- two build fixes for Fedora 19- add texlive-ntgclass package to fix build * Tue Nov 13 2012 Michael Young - 4.2.0-4- 4 security fixes A guest can block a cpu by setting a bad VCPU deadline [XSA 20, CVE-2012-4535] (#876198) HVM guest can exhaust p2m table crashing xen [XSA 22, CVE-2012-4537] (#876203) PAE HVM guest can crash hypervisor [XSA-23, CVE-2012-4538] (#876205) 32-bit PV guest on 64-bit hypervisor can cause an hypervisor infinite loop [XSA-24, CVE-2012-4539] (#876207)- texlive-2012 is now in Fedora 18 * Sun Oct 28 2012 Michael Young - 4.2.0-3- texlive-2012 isn\'t in Fedora 18 yet * Fri Oct 26 2012 Michael Young - 4.2.0-2- limit the size of guest kernels and ramdisks to avoid running out of memeory on dom0 during guest boot [XSA-25, CVE-2012-4544] (#870414) * Thu Oct 25 2012 Michael Young - 4.2.0-1- update to xen-4.2.0- rebase xen-net-disable-iptables-on-bridge.patch pygrubfix.patch- remove patches that are now upstream or with alternatives upstream- use ipxe and seabios from seabios-bin and ipxe-roms-qemu packages- xen tools now need ./configure to be run (x86_64 needs libdir set)- don\'t build upstream qemu version- amend list of files in package - relocate xenpaging add /etc/xen/xlexample * oxenstored.conf /usr/include/xenstore-compat/ * xenstore-stubdom.gz xen-lowmemd xen-ringwatch xl.1.gz xl.cfg.5.gz xl.conf.5.gz xlcpupool.cfg.5.gz- use a tmpfiles.d file to create /run/xen on boot- add BuildRequires for yajl-devel and graphviz- build an efi boot image where it is supported- adjust texlive changes so spec file still works on Fedora 17 * Thu Oct 18 2012 Michael Young - 4.1.3-6- add font packages to build requires due to 2012 version of texlive in F19- use build requires of texlive-latex instead of tetex-latex which it obsoletes * Wed Oct 17 2012 Michael Young - 4.1.3-5- rebuild for ocaml update * Thu Sep 06 2012 Michael Young - 4.1.3-4- disable qemu monitor by default [XSA-19, CVE-2012-4411] (#855141) * Wed Sep 05 2012 Michael Young - 4.1.3-3- 5 security fixes a malicious 64-bit PV guest can crash the dom0 [XSA-12, CVE-2012-3494] (#854585) a malicious crash might be able to crash the dom0 or escalate privileges [XSA-13, CVE-2012-3495] (#854589) a malicious PV guest can crash the dom0 [XSA-14, CVE-2012-3496] (#854590) a malicious HVM guest can crash the dom0 and might be able to read hypervisor or guest memory [XSA-16, CVE-2012-3498] (#854593) an HVM guest could use VT100 escape sequences to escalate privileges to that of the qemu process [XSA-17, CVE-2012-3515] (#854599) * Fri Aug 10 2012 Michael Young - 4.1.3-1 4.1.3-2- update to 4.1.3 includes fix for untrusted HVM guest can cause the dom0 to hang or crash [XSA-11, CVE-2012-3433] (#843582)- remove patches that are now upstream- remove some unnecessary compile fixes- adjust upstream-23936:cdb34816a40a-rework for backported fix for upstream-23940:187d59e32a58- replace pygrub.size.limits.patch with upstreamed version- fix for (#845444) broke xend under systemd * Tue Aug 07 2012 Michael Young - 4.1.2-25- remove some unnecessary cache flushing that slow things down- change python options on xend to reduce selinux problems (#845444) * Thu Jul 26 2012 Michael Young - 4.1.2-24- in rare circumstances an unprivileged user can crash an HVM guest [XSA-10,CVE-2012-3432] (#843766) * Tue Jul 24 2012 Michael Young - 4.1.2-23- add a patch to remove a dependency on PyXML and Require python-lxml instead of PyXML (#842843) * Sun Jul 22 2012 Michael Young - 4.1.2-22- adjust systemd service files not to report failures when running without a hypervisor or when xendomains.service doesn\'t find anything to start * Sun Jul 22 2012 Fedora Release Engineering - 4.1.2-21- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Michael Young - 4.1.2-20- Apply three security patches 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217] guest denial of service on syscall/sysenter exception generation [CVE-2012-0218] PV guest host Denial of Service [CVE-2012-2934] * Sat Jun 09 2012 Michael Young - 4.1.2-19- adjust xend.service systemd file to avoid selinux problems * Fri Jun 08 2012 Michael Young - 4.1.2-18- Enable xenconsoled by default under systemd (#829732) * Thu May 17 2012 Michael Young - 4.1.2-16 4.1.2-17- make pygrub cope better with big files from guest (#818412 CVE-2012-2625)- add patch from 4.1.3-rc2-pre to build on F17/8 * Sun Apr 15 2012 Michael Young - 4.1.2-15- Make the udev tap rule more specific as it breaks openvpn (#812421)- don\'t try setuid in xend if we don\'t need to so selinux is happier * Sat Mar 31 2012 Michael Young - 4.1.2-14- /var/lib/xenstored mount has wrong selinux permissions in latest Fedora- load xen-acpi-processor module (kernel 3.4 onwards) if present * Thu Mar 08 2012 Michael Young - 4.1.2-13- fix a packaging error * Thu Mar 08 2012 Michael Young - 4.1.2-12- fix an error in an rpm script from the sysv configuration removal- migrate xendomains script to systemd * Wed Feb 29 2012 Michael Young - 4.1.2-11- put the systemd files back in the right place * Wed Feb 29 2012 Michael Young - 4.1.2-10- clean up systemd and sysv configuration including removal of migrated sysv files for fc17+ * Sat Feb 18 2012 Michael Young - 4.1.2-9- move xen-watchdog to systemd * Wed Feb 08 2012 Michael Young - 4.1.2-8- relocate systemd files for fc17+ * Tue Feb 07 2012 Michael Young - 4.1.2-7- move xend and xenconsoled to systemd * Thu Feb 02 2012 Michael Young - 4.1.2-6- Fix buffer overflow in e1000 emulation for HVM guests [CVE-2012-0029] * Sat Jan 28 2012 Michael Young - 4.1.2-5- Start building xen\'s ocaml libraries if appropriate unless --without ocaml was specified- add some backported patches from xen unstable (via Debian) for some ocaml tidying and fixes * Sun Jan 15 2012 Michael Young - 4.1.2-4- actually apply the xend-pci-loop.patch- compile fixes for gcc-4.7 * Wed Jan 11 2012 Michael Young - 4.1.2-3- Add xend-pci-loop.patch to stop xend crashing with weird PCI cards (#767742)- avoid a backtrace if xend can\'t log to the standard file or a temporary directory (part of #741042) * Mon Nov 21 2011 Michael Young - 4.1.2-2- Fix lost interrupts on emulated devices- stop xend crashing if its state files are empty at start up- avoid a python backtrace if xend is run on bare metal- update grub2 configuration after the old hypervisor has gone- move blktapctrl to systemd- Drop obsolete dom0-kernel.repo file * Fri Oct 21 2011 Michael Young - 4.1.2-1- update to 4.1.2 remove upstream patches xen-4.1-testing.23104 and xen-4.1-testing.23112 * Fri Oct 14 2011 Michael Young - 4.1.1-8- more pygrub improvements for grub2 on guest * Thu Oct 13 2011 Michael Young - 4.1.1-7- make pygrub work better with GPT partitions and grub2 on guest * Thu Sep 29 2011 Michael Young - 4.1.1-5 4.1.1-6- improve systemd functionality * Wed Sep 28 2011 Michael Young - 4.1.1-4- lsb header fixes - xenconsoled shutdown needs xenstored to be running- partial migration to systemd to fix shutdown delays- update grub2 configuration after hypervisor updates * Sun Aug 14 2011 Michael Young - 4.1.1-3- untrusted guest controlling PCI[E] device can lock up host CPU [CVE-2011-3131] * Wed Jul 20 2011 Michael Young - 4.1.1-2- clean up patch to solve a problem with hvmloader compiled with gcc 4.6 * Wed Jun 15 2011 Michael Young - 4.1.1-1- update to 4.1.1 includes various bugfixes and fix for [CVE-2011-1898] guest with pci passthrough can gain privileged access to base domain- remove upstream cve-2011-1583-4.1.patch * Mon May 09 2011 Michael Young - 4.1.0-2- Overflows in kernel decompression can allow root on xen PV guest to gain privileged access to base domain, or access to xen configuration info. Lack of error checking could allow DoS attack from guest [CVE-2011-1583]- Don\'t require /usr/bin/qemu-nbd as it isn\'t used at present. * Fri Mar 25 2011 Michael Young - 4.1.0-1- update to 4.1.0 final * Tue Mar 22 2011 Michael Young - 4.1.0-0.1.rc8- update to 4.1.0-rc8 release candidate- create xen-4.1.0-rc8.tar.xz file from git/hg repositories- rebase xen-initscript.patch xen-dumpdir.patch xen-net-disable-iptables-on-bridge.patch localgcc45fix.patch sysconfig.xenstored init.xenstored- remove unnecessary or conflicting xen-xenstore-cli.patch localpy27fixes.patch xen.irq.fixes.patch xen.xsave.disable.patch xen.8259afix.patch localcleanups.patch libpermfixes.patch- add patch to allow pygrub to work with single partitions with boot sectors- create ipxe-git-v1.0.0.tar.gz from http://git.ipxe.org/ipxe.git to avoid downloading at build time- no need to move udev rules or init scripts as now created in the right place- amend list of files shipped - remove fs-backend add init.d scripts xen-watchdog xencommons add config files xencommons xl.conf cpupool add programs kdd tap-ctl xen-hptool xen-hvmcrash xenwatchdogd * Mon Feb 07 2011 Fedora Release Engineering - 4.0.1-10- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Mon Jan 31 2011 Michael Young - 4.0.1-9- Make libraries executable so that rpm gets dependencies right * Sat Jan 29 2011 Michael Young - 4.0.1-8- Temporarily turn off some compile options so it will build on rawhide * Fri Jan 28 2011 Michael Young - 4.0.1-7- ghost directories in /var/run (#656724)- minor fixes to /usr/share/doc/xen-doc-4.?.?/misc/network_setup.txt (#653159) /etc/xen/scripts/network-route, /etc/xen/scripts/vif-common.sh (#669747) and /etc/sysconfig/modules/xen.modules (#656536) * Tue Oct 12 2010 Michael Young - 4.0.1-6- add upstream xen patch xen.8259afix.patch to fix boot panic \"IO-APIC + timer doesn\'t work!\" (#642108) * Thu Oct 07 2010 Michael Young - 4.0.1-5- add ext4 support for pvgrub (grub-ext4-support.patch from grub-0.97-66.fc14) * Wed Sep 29 2010 jkeating - 4.0.1-4- Rebuilt for gcc bug 634757 * Fri Sep 24 2010 Michael Young - 4.0.1-3- create symlink for qemu-dm on x86_64 for compatibility with 3.4- apply some patches destined for 4.0.2 add some irq fixes disable xsave which causes problems for HVM * Sun Aug 29 2010 Michael Young - 4.0.1-2- fix compile problems on Fedora 15, I suspect due to gcc 4.5.1 * Wed Aug 25 2010 Michael Young - 4.0.1-1- update to 4.0.1 release - many bug fixes- xen-dev-create-cleanup.patch no longer needed- remove part of localgcc45fix.patch no longer needed- package new files /etc/bash_completion.d/xl.sh and /usr/sbin/gdbsx- add patch to get xm and xend working with python 2.7 * Mon Aug 02 2010 Michael Young - 4.0.0-5- add newer module names and xen-gntdev to xen.modules- Update dom0-kernel.repo file to use repos.fedorapeople.org location * Mon Jul 26 2010 Michael Young - create a xen-licenses package to satisfy revised the Fedora Licensing Guidelines * Sun Jul 25 2010 Michael Young - 4.0.0-4- fix gcc 4.5 compile problems * Thu Jul 22 2010 David Malcolm - 4.0.0-3- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild * Sun Jun 20 2010 Michael Young - 4.0.0-2- add patch to remove some old device creation code that doesn\'t work with the latest pvops kernels * Mon Jun 07 2010 Michael Young - 4.0.0-1- update to 4.0.0 release- rebase xen-initscript.patch and xen-dumpdir.patch patches- adjust spec file for files added to or removed from the packages- add new build dependencies libuuid-devel and iasl * Tue Jun 01 2010 Michael Young - 3.4.3-1- update to 3.4.3 release including support for latest pv_ops kernels (possibly incomplete) should fix build problems (#565063) and crashes (#545307)- replace Prereq: with Requires: in spec file- drop static libraries (#556101) * Thu Dec 10 2009 Gerd Hoffmann - 3.4.2-2- adapt module load script to evtchn.ko -> xen-evtchn.ko rename. * Thu Dec 10 2009 Gerd Hoffmann - 3.4.2-1- update to 3.4.2 release.- drop backport patches. * Thu Oct 08 2009 Justin M. Forbes - 3.4.1-5- add PyXML to dependencies. (#496135)- Take ownership of {_libdir}/fs (#521806) | |