SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for xen-libs-4.15.4-1.fc35.x86_64.rpm :

* Wed Nov 16 2022 Michael Young - 4.15.4-1- update to xen-4.15.4 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream- x86: Multiple speculative security issues [XSA-422, CVE-2022-23824]
* Tue Nov 01 2022 Michael Young - 4.15.3-7- Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]- Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310]- Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]- Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319]- Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320]- Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321]- Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323]- Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]- Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326]
* Tue Oct 18 2022 Michael Young - 4.15.3-6- add patch to fix an incorrect backport
* Tue Oct 18 2022 Michael Young - 4.15.3-5- Arm: unbounded memory consumption for 2nd-level page tables [XSA-409, CVE-2022-33747] (#2135268)- P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746] (#2135641)- lock order inversion in transitive grant copy handling [XSA-411, CVE-2022-33748] (#2135263)
* Tue Jul 26 2022 Michael Young - 4.15.3-4- insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] (#2112223)
* Fri Jul 22 2022 Michael Young - 4.15.3-3- Retbleed - arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900]
* Thu Jul 07 2022 Michael Young - 4.15.3-2- Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747)
* Fri Jul 01 2022 Michael Young - 4.15.3-1- update to xen-4.15.3 remove or adjust patches now included or superceded upstream- x86: MMIO Stale Data vulnerabilities (not applied in 4.15.2-5)
* Wed Jun 22 2022 Michael Young - 4.15.2-5- x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166]
* Thu Jun 09 2022 Michael Young - 4.15.2-4- x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362]- x86 pv: Insufficient care with non-coherent mappings [ XSA-402, CVE-2022-26363, CVE-2022-26364]- additional patches so above applies cleanly
* Wed Apr 06 2022 Michael Young - 4.15.2-3- Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356]- race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]- IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]
* Sat Mar 12 2022 Michael Young - 4.15.2-2- Multiple speculative security issues [XSA-398]- additional patches so above applies cleanly
* Thu Feb 03 2022 Michael Young - 4.15.2-1- update to xen-4.15.2 remove or adjust patches now included or superceded upstream
* Tue Jan 25 2022 Michael Young - 4.15.1-5- frontends vulnerable to backends [XSA-376] (document change only)- arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393, CVE-2022-23033] (#2045044)- A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034] (#2045042)- Insufficient cleanup of passed-through device IRQs [XSA-395, CVE-2022-23035] (#2045040)
* Tue Nov 23 2021 Michael Young - 4.15.1-4- guests may exceed their designated memory limit [XSA-385, CVE-2021-28706]- PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707 CVE-2021-28708]- issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709]- certain VT-d IOMMUs may not work in shared page table mode [XSA-390, CVE-2021-28710]
* Wed Oct 06 2021 Michael Young - 4.15.1-3- rebuild (f36 only) for OCaml 4.13.1
* Tue Oct 05 2021 Michael Young - 4.15.1-2- PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248)
* Sun Sep 12 2021 Michael Young - 4.15.1-1- update to xen-4.15.1 remove or adjust patches now included or superceded upstream update libxencall version
* Wed Sep 08 2021 Michael Young - 4.15.0-7- Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786)- bugfix for XSA-380- stop editing grub files in /boot/efi/EFI/fedora
* Wed Aug 25 2021 Michael Young - 4.15.0-6- IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537)- grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520)- long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526)- inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523)- xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527)- grub x86_64-efi modules now go into /boot/grub2
* Thu Aug 12 2021 Michael Young - 4.15.0-5- work around build issue with GNU ld 2.37 (#1990344)
* Fri Jul 23 2021 Fedora Release Engineering - 4.15.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jun 08 2021 Michael Young - 4.15.0-3- xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542)- inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540)- Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531)- x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546)
* Fri Jun 04 2021 Python Maint - 4.15.0-2- Rebuilt for Python 3.10
* Wed May 05 2021 Michael Young - 4.15.0-1- update to xen-4.15.0 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patch update libxendevicemodel libxenevtchn libxenforeignmemory versions /etc/bash_completion.d/xl.sh is now xl package xen-access xen-memshare xenstorepvh-stubdom.gz xl-pci-configuration.5.gz- adjust xen.ocaml.4.12.fixes.patch to work with earlier ocaml- re-copy grub modules if they have changed
* Fri Mar 19 2021 Michael Young - 4.14.1-8- HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610)- adjust efi test to stop build failing
* Tue Mar 02 2021 Michael Young - 4.14.1-6- build fixes for OCaml 4.12.0
* Tue Feb 16 2021 Michael Young - 4.14.1-5- Linux: display frontend \"be-alloc\" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549)- arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547)
* Mon Feb 01 2021 Michael Young - 4.14.1-4- backport upstream zstd dom0 and guest patches- add libzstd-devel BuildRequires- add weak dependency on grub modules to improve initial boot setup
* Wed Jan 27 2021 Fedora Release Engineering - 4.14.1-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 21 2021 Michael Young - 4.14.1-2- IRQ vector leak on x86 [XSA-360]
* Sun Dec 20 2020 Michael Young - 4.14.1-1- update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches
* Tue Dec 15 2020 Michael Young - 4.14.0-14- xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091)- Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095)- Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096)- Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088)- Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087)- oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000)- undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085)- oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003)- oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002)- infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932)- FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931)- FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089)
* Sat Dec 05 2020 Jeff Law - 4.14.0-13- Work around another gcc-11 stringop-overflow diagnostic
* Tue Nov 24 2020 Michael Young - 4.14.0-12- stack corruption from XSA-346 change [XSA-355]
* Mon Nov 23 2020 Michael Young - 4.14.0-11- support zstd compressed kernels (dom0 only) based on linux kernel code
  
ICM