SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for xen-ocaml-4.17.4-1.fc38.x86_64.rpm :

* Tue Apr 09 2024 Michael Young - 4.17.4-1- x86: Native Branch History Injection [XSA-456, CVE-2024-2201]- update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch- x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]- x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
* Thu Mar 14 2024 Michael Young - 4.17.2-8- x86: Register File Data Sampling [XSA-452, CVE-2023-28746]- GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]- additional patches so above applies cleanly
* Tue Feb 27 2024 Michael Young - 4.17.2-7- x86: shadow stack vs exceptions from emulation stubs - [XSA-451, CVE-2023-46841] (#2266326)
* Tue Jan 30 2024 Michael Young - 4.17.2-6- arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837]- pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839]- VT-d: Failure to quarantine devices in !HVM build [XSA-450, CVE-2023-46840]
* Tue Nov 14 2023 Michael Young - 4.17.2-5- x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835]- x86: BTC/SRSO fixes not fully effective [XSA-446, CVE-2023-46836]
* Tue Oct 10 2023 Michael Young - 4.17.2-4- xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323]- x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326]- Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325]- x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328]
* Sun Oct 08 2023 Michael Young - 4.17.2-3- rebuild (f40) for OCaml 5.1
* Tue Sep 26 2023 Michael Young - 4.17.2-2- arm32: The cache may not be properly cleaned/invalidated [XSA-437, CVE-2023-34321]- top-level shadow reference dropped too early for 64-bit PV guests [XSA-438, CVE-2023-34322]- x86/AMD: Divide speculative information leak [XSA-439, CVE-2023-20588]
* Thu Aug 10 2023 Michael Young - 4.17.2-1- update to xen-4.17.2 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982]- remove patches now included upstream
* Tue Aug 01 2023 Michael Young - 4.17.1-9- arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238)
* Mon Jul 31 2023 Michael Young - 4.17.1-8- bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
* Tue Jul 25 2023 Michael Young - adjust OCaml patch condition so eln builds work
* Mon Jul 24 2023 Michael Young - 4.17.1-7- x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]- omit OCaml 5 patch on fc38
* Sat Jul 22 2023 Fedora Release Engineering - 4.17.1-6- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 10 2023 Jerry James - 4.17.1-5- Add patch for OCaml 5.0.0
* Tue Jun 27 2023 Michael Young - 4.17.1-4- work around a build problem with python 3.12
* Tue Jun 13 2023 Python Maint - 4.17.1-3- Rebuilt for Python 3.12
* Tue May 16 2023 Michael Young - 4.17.1-2- Mishandling of guest SSBD selection on AMD hardware [XSA-431, CVE-2022-42336]
* Tue May 02 2023 Michael Young - 4.17.1-1- update to xen-4.17.1 remove patches now included upstream switch from patchN to patch N format for applying patches
* Tue Apr 25 2023 Michael Young - 4.17.0-9- x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335]
* Tue Mar 21 2023 Michael Young - 4.17.0-8- 3 security issues (#2180425) x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332] x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333, CVE-2022-42334] x86: speculative vulnerability in 32bit SYSCALL path [XSA-429, CVE-2022-42331]
* Sat Feb 18 2023 Michael Young - 4.17.0-7- use OVMF.fd from new edk2-ovmf-xen package as ovmf.bin file built from edk2-ovmf package no longer supports xen (#2170930)
* Tue Feb 14 2023 Michael Young - 4.17.0-6- x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672]
* Wed Jan 25 2023 Michael Young - 4.17.0-5- Guests can cause Xenstore crash via soft reset [XSA-425, CVE-2022-42330] (#2164520)
* Tue Jan 24 2023 Michael Young - now need BuildRequires for hostname
* Sat Jan 21 2023 Fedora Release Engineering - 4.17.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Jan 17 2023 Michael Young - 4.17.0-3- build fix for gcc13
* Sun Jan 08 2023 Michael Young - 4.17.0-2- fix clean up of init scripts if /etc/rc.d/init.d doesn\'t exist
* Tue Dec 20 2022 Michael Young - python3-setuptools BuildRequires is needed for python 3.12
* Tue Dec 13 2022 Michael Young - 4.17.0-1- update to xen-4.17.0 rebase xen.fedora.systemd.patch and xen.canonicalize.patch remove or adjust patches now included or superceded upstream /var/lib/xenstored has moved to /run/xenstored
* Tue Nov 08 2022 Michael Young - 4.16.2-4- x86: Multiple speculative security issues [XSA-422, CVE-2022-23824]
* Tue Nov 01 2022 Michael Young - 4.16.2-3- x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327]- Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]- Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310]- Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]- Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319]- Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320]- Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321]- Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323]- Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]- Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326]
* Fri Oct 14 2022 Michael Young - 4.16.2-2- Arm: unbounded memory consumption for 2nd-level page tables [XSA-409, CVE-2022-33747] (#2135268)- P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746] (#2135641)- lock order inversion in transitive grant copy handling [XSA-411, CVE-2022-33748] (#2135263)
* Sat Sep 17 2022 Michael Young - 4.16.2-1- update to xen-4.16.2 remove or adjust patches now included or superceded upstream
* Tue Jul 26 2022 Michael Young - 4.16.1-8- insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] (#2112223)
* Sat Jul 23 2022 Fedora Release Engineering - 4.16.1-7- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 12 2022 Michael Young - 4.16.1-6- Retbleed - arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900]
* Tue Jul 05 2022 Michael Young - 4.16.1-5- Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747)
* Tue Jun 21 2022 Michael Young - 4.16.1-4- x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166]
* Mon Jun 13 2022 Python Maint - 4.16.1-3- Rebuilt for Python 3.11 (F37 build only)
* Sat Jun 11 2022 Michael Young - 4.16.1-2- stop building for ix86 and armv7hl due to missing build dependency- x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362]- x86 pv: Insufficient care with non-coherent mappings [ XSA-402, CVE-2022-26363, CVE-2022-26364]- additional patches so above applies cleanly
* Thu Apr 14 2022 Michael Young - 4.16.1-1- update to xen-4.16.1 remove or adjust patches now included or superceded upstream renumber patches- strip .efi file to help EFI partitions with limited space
  
ICM