|
|
|
|
Changelog for xen-ocaml-4.14.3-3.fc33.x86_64.rpm :
* Tue Nov 23 2021 Michael Young - 4.14.3-3- guests may exceed their designated memory limit [XSA-385, CVE-2021-28706]- PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707 CVE-2021-28708]- issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709] * Wed Oct 06 2021 Michael Young - 4.14.3-2- PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) * Mon Sep 13 2021 Michael Young - 4.14.3-1- update to xen-4.14.3 remove or adjust patches now included or superceded upstream * Wed Sep 08 2021 Michael Young - 4.14.2-4- Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786)- bugfix for XSA-380- stop editing grub files in /boot/efi/EFI/fedora on Fedora 34 * Sat Aug 28 2021 Michael Young - 4.14.2-3- IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537)- grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520)- long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526)- inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523)- xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527)- grub x86_64-efi modules now go into /boot/grub2 * Tue Jun 08 2021 Michael Young - 4.14.2-2- xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542)- inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540)- Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531)- x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546) * Tue May 04 2021 Michael Young - 4.14.2-1- update to 4.14.2 remove or adjust patch content now included or superceded upstream- re-copy grub modules if they have changed * Thu Mar 18 2021 Michael Young - 4.14.1-7- HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610) * Tue Feb 16 2021 Michael Young - 4.14.1-5- Linux: display frontend \"be-alloc\" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549)- arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547) * Mon Feb 01 2021 Michael Young - 4.14.1-4- backport upstream zstd dom0 and guest patches- add libzstd-devel BuildRequires- add weak dependency on grub modules to improve initial boot setup * Wed Jan 27 2021 Fedora Release Engineering - 4.14.1-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 21 2021 Michael Young - 4.14.1-2- IRQ vector leak on x86 [XSA-360] * Sun Dec 20 2020 Michael Young - 4.14.1-1- update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches * Tue Dec 15 2020 Michael Young - 4.14.0-14- xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091)- Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095)- Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096)- Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088)- Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087)- oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000)- undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085)- oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003)- oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002)- infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932)- FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931)- FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 05 2020 Jeff Law - 4.14.0-13- Work around another gcc-11 stringop-overflow diagnostic * Tue Nov 24 2020 Michael Young - 4.14.0-12- stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 Michael Young - 4.14.0-11- support zstd compressed kernels (dom0 only) based on linux kernel code * Tue Nov 10 2020 Michael Young - 4.14.0-10- Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146)- add make as build requires * Tue Nov 03 2020 Michael Young - 4.14.0-9- revised patch for XSA-286 (mitigating performance impact) * Fri Oct 30 2020 Jeff Law - 4.14.0-8- Work around gcc-11 stringop-overflow diagnostics as well * Wed Oct 28 2020 Michael Young - 4.14.0-7- x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092)- simplify grub scripts (patches from Thierry Vignaud )- some fixes for gcc 11 * Tue Oct 20 2020 Michael Young - 4.14.0-6- x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097)- undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093)- unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088) * Tue Sep 22 2020 Michael Young - 4.14.0-5- x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619)- Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616)- race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618)- PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587)- once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588)- x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617)- Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583)- out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582)- races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581)- lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586) * Thu Sep 03 2020 Michael Young - 4.14.0-4- rebuild for OCaml 4.11.1 * Mon Aug 24 2020 Michael Young - 4.14.0-3- QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850) * Wed Jul 29 2020 Fedora Release Engineering - 4.14.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sun Jul 26 2020 Michael Young - 4.14.0-1- update to 4.14.0 remove or adjust patches now included or superceded upstream adjust xen.hypervisor.config bison and flex packages now needed for hypervisor build /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added with associated libraries and man page- re-enable pandoc for more documentation adding xen-vbd-interface.7.gz- revise documentation build dependencies drop tex, texinfo, ghostscript, graphviz, discount add perl(Pod::Html) perl(File::Find)- additional build dependency for ocaml on perl(Data::Dumper) * Tue Jul 14 2020 Tom Stellard - 4.13.1-5- Use make macros- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro * Tue Jul 07 2020 Michael Young - 4.13.1-4- incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465)- inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463)- xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467)- missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458)- non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464) * Tue Jun 30 2020 Jeff Law Disable LTO * Wed Jun 10 2020 Michael Young - 4.13.1-3- Special Register Buffer speculative side channel [XSA-320] * Tue May 26 2020 Miro HronĨok - 4.13.1-2- Rebuilt for Python 3.9 * Tue May 19 2020 Michael Young - 4.13.1-1- update to 4.13.1 remove patches now included or superceded upstream * Tue May 05 2020 Michael Young - 4.13.0-8- build aarch64 hypervisor with -mno-outline-atomics to fix gcc 10 build * Tue Apr 14 2020 Michael Young - 4.13.0-7- multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741] (#1823912, #1823914)- Missing memory barriers in read-write unlock paths [XSA-314, CVE-2020-11739] (#1823784)- Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926)- Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (#1823943) * Tue Mar 17 2020 Michael Young - 4.13.0-6- fix issues in pygrub dependency found by python 3.8 * Tue Mar 10 2020 Michael Young - 4.13.0-5- setting for --with-system-ipxe should be a rom file (#1778516)- add weak depends on ipxe-roms-qemu and qemu-system-x86-core * Fri Jan 31 2020 Fedora Release Engineering - 4.13.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Jan 22 2020 Michael Young - 4.13.0-3- build fixes for OCaml 4.10.0 and gcc 10 * Tue Jan 14 2020 Michael Young - 4.13.0-2- arm: a CPU may speculate past the ERET instruction [XSA-312]- use more explicit library names- add weak requires for perl (/etc/xen/scripts/locking.sh) * Wed Dec 18 2019 Michael Young - 4.13.0-1- update to 4.13.0 remove patches now included or superceded upstream adjust xen.hypervisor.config /usr/sbin/xen-tmem-list-parse has been removed pkgconfig files have moved to %{_libdir}/pkgconfig /usr/sbin/xen-ucode has been added (x86 only) * Sun Dec 15 2019 Michael Young - 4.12.1-9- fix build with OCaml 4.09.0 * Wed Dec 11 2019 Michael Young - 4.12.1-8- denial of service in find_next_bit() [XSA-307, CVE-2019-19581, CVE-2019-19582] (#1782211)- denial of service in HVM/PVH guest userspace code [XSA-308, CVE-2019-19583] (#1782206)- privilege escalation due to malicious PV guest [XSA-309, CVE-2019-19578] (#1782210)- Further issues with restartable PV type change operations [XSA-310, CVE-2019-19580] (#1782207)- vulnerability in dynamic height handling for AMD IOMMU pagetables [XSA-311, CVE-2019-19577] (#1782208)- add patches needed to apply XSA-311 * Tue Nov 26 2019 Michael Young - 4.12.1-7- Device quarantine for alternate pci assignment methods [XSA-306, CVE-2019-19579] (#1780559)
|
|
|