SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for xen-devel-4.12.3-8.fc31.i686.rpm :

* Tue Nov 03 2020 Michael Young - 4.12.3-8- revised patch for XSA-286 (mitigating performance impact)
* Thu Oct 29 2020 Michael Young - 4.12.3-7- x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092)
* Tue Oct 20 2020 Michael Young - 4.12.3-6- x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097)- undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093)- unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088)
* Tue Sep 22 2020 Michael Young - 4.12.3-5- x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619)- Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616)- race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618)- PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587)- once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588)- x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617)- Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583)- out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582)- races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581)- lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586)
* Tue Aug 25 2020 Michael Young - 4.12.3-4- QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850)
* Tue Jul 07 2020 Michael Young - 4.12.3-3- incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465)- inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463)- xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467)- missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458)- non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464)
* Wed Jun 10 2020 Michael Young - 4.12.3-2- Special Register Buffer speculative side channel [XSA-320]
* Tue May 19 2020 Michael Young - 4.12.3-1- update to 4.12.3 remove patches for issues now fixed upstream
* Wed Apr 15 2020 Michael Young - 4.12.2-3- multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741] (#1823912, #1823914)- Missing memory barriers in read-write unlock paths [XSA-314, CVE-2020-11739] (#1823784)- Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926)- Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (#1823943)
* Tue Jan 14 2020 Michael Young - 4.12.2-2- arm: a CPU may speculate past the ERET instruction [XSA-312]
* Mon Jan 06 2020 Michael Young - 4.12.2-1- update to 4.12.2 remove patches for issues now fixed upstream
* Wed Dec 11 2019 Michael Young - 4.12.1-8- denial of service in find_next_bit() [XSA-307, CVE-2019-19581, CVE-2019-19582] (#1782211)- denial of service in HVM/PVH guest userspace code [XSA-308, CVE-2019-19583] (#1782206)- privilege escalation due to malicious PV guest [XSA-309, CVE-2019-19578] (#1782210)- Further issues with restartable PV type change operations [XSA-310, CVE-2019-19580] (#1782207)- vulnerability in dynamic height handling for AMD IOMMU pagetables [XSA-311, CVE-2019-19577] (#1782208)- add patches needed to apply XSA-311
* Tue Nov 26 2019 Michael Young - 4.12.1-7- Device quarantine for alternate pci assignment methods [XSA-306, CVE-2019-19579] (#1780559)
* Tue Nov 12 2019 Michael Young - 4.12.1-6- add missing XSA-299 patches
* Tue Nov 12 2019 Michael Young - 4.12.1-5- x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207]- TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135]
* Thu Oct 31 2019 Michael Young - 4.12.1-4- VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (#1771368)- missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] (#1771341)- Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (#1767726)- add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] (#1771345)- passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (#1767731)- ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422] (#1771443)
* Thu Oct 03 2019 Miro Hrončok - 4.12.1-3- Rebuilt for Python 3.8.0rc1 (#1748018)
* Mon Aug 19 2019 Miro Hrončok - 4.12.1-2- Rebuilt for Python 3.8
* Fri Aug 09 2019 Michael Young - 4.12.1-1- update to 4.12.1 remove patches for issues now fixed upstream adjust xen.gcc9.fixes.patch
* Sat Jul 27 2019 Fedora Release Engineering - 4.12.0-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jun 19 2019 Michael Young - 4.12.0-4- Unlimited Arm Atomics Operations [XSA-295, CVE-2019-17349, CVE-2019-17350] (#1720760)- some debug files are now properly packaged in debuginfo rpms
* Tue Jun 18 2019 Zbigniew Jędrzejewski-Szmek - Fix build with python3.8 (#1704807)
* Sat Jun 01 2019 Michael Young - 4.12.0-3- fix HVM DomU boot on some chipsets- fix expected FTBFS with Python 3.8 (#1704807)- adjust grub2 workaround
* Tue May 14 2019 Michael Young - 4.12.0-2- Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091]- additional patches so above applies cleanly- work around grub2 issues in dom0
* Fri Apr 05 2019 Michael Young - 4.12.0-1- update to 4.12.0 (#1694695) remove patches for issues now fixed upstream replace xen.use.fedora.ipxe.patch with --with-system-ipxe drop xen.glibcfix.patch xen.gcc8.temp.fix.patch which are no longer needed adjust xen.python.env.patch xen.gcc9.fixes.patch xen.hypervisor.config refresh kdd is now xen-kdd, xenmon.py is now xenmon, fsimage.so is now xenfsimage.so fs libdir is now xenfsimage libdir xen-ringwatch xen-bugtool have been dropped- remove remaining traces of efiming and efi_flags logic- switch from python2 to python3- drop systemd_postun and renumber patches
* Tue Mar 05 2019 Michael Young - 4.11.1-4- xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284, CVE-2019-17340] race with pass-through device hotplug [XSA-285, CVE-2019-17341] x86: steal_page violates page_struct access discipline [XSA-287, CVE-2019-17342] x86: Inconsistent PV IOMMU discipline [XSA-288, CVE-2019-17343] missing preemption in x86 PV page table unvalidation [XSA-290, CVE-2019-17344] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291, CVE-2019-17345] x86: insufficient TLB flushing when using PCID [XSA-292, CVE-2019-17346] x86: PV kernel context switch corruption [XSA-293, CVE-2019-17347] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294, CVE-2019-17348]
* Thu Feb 14 2019 Michael Young - 4.11.1-3- add gcc9 build fixes (#1676229)
* Sun Feb 03 2019 Fedora Release Engineering - 4.11.1-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Dec 11 2018 Michael Young - 4.11.1-1- update to 4.11.1 remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch- only include qemutrad build requirements for platforms that use it- construct ovmf.bin from edk2-ovmf package (#1656651)
* Tue Nov 20 2018 Michael Young - 4.11.0-10- insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665)- x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970)- xen: various flaws (#1652251) resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963] x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964] Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966]
* Tue Nov 06 2018 Michael Young - 4.11.0-9- guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967]
  
ICM