SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for xen-libs-4.20.0_08-2.1.x86_64.rpm :

* Tue Feb 11 2025 carnoldAATTsuse.com- bsc#1233796 - [XEN][15-SP7-BEAT3] Xen call trace and APIC Error found after reboot operation on AMD machine. x86-shutdown-offline-APs-with-interrupts-disabled-on-all-CPUs.patch
* Mon Feb 10 2025 carnoldAATTsuse.com- Update to Xen 4.20.0 RC4 release
* AMD/IOMMU: log IVHD contents
* AMD/IOMMU: drop stray MSI enabling
* radix-tree: introduce RADIX_TREE{,_INIT}()
* Fri Jan 31 2025 carnoldAATTsuse.com- Update to Xen 4.20.0 RC3 release
* x86/HVM: correct MMIO emulation cache bounds check
* x86/HVM: allocate emulation cache entries dynamically
* x86/HVM: correct read/write split at page boundaries
* x86/iommu: check for CMPXCHG16B when enabling IOMMU
* iommu/vtd: remove non-CX16 logic from interrupt remapping
* x86/iommu: remove non-CX16 logic from DMA remapping
* iommu/amd: atomically update IRTE
* x86emul: further correct 64-bit mode zero count repeated string insn handling
* x86/PV: further harden guest memory accesses against speculative abuse
* x86/intel: Fix PERF_GLOBAL fixup when virtualised
* Fri Jan 31 2025 Markéta Machová - Add explicit build dependency on python3-setuptools, needed by python313
* Mon Jan 20 2025 carnoldAATTsuse.com- Update to Xen 4.20.0 RC2 release
* xen/arm: Fully initialise struct membanks_hdr fields
* build: Set DATE to SOURCE_DATE_EPOCH if available (for reproducible builds)
* x86: Add Support for Paging-Write Feature
* x86/time: introduce command line option to select wallclock
* x86/time: prefer CMOS over EFI_GET_TIME
* xentrace: free CPU mask string before overwriting pointer
* xl: properly dispose of vTPM struct instance
* xl: properly dispose of libxl_dominfo struct instances
* Various documentation fixes and updates (including ppc and riscv additions)
* Various MISRA compliance improvements.
* Fri Jan 10 2025 carnoldAATTsuse.com- Update to Xen 4.20.0 RC1 release
* x86/amd: Misc setup for Fam1Ah processors
* xen/perfc cleanups and adjustments
* libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment (XSA-180 / CVE-2014-3672)
* x86emul: VCVT{,U}DQ2PD ignores embedded rounding
* x86emul: correct put_fpu()\'s segment selector handling
* xen/flask: Wire up XEN_DOMCTL_dt_overlay and XEN_DOMCTL_set_llc_colors
* xen/events: fix race with set_global_virq_handler()
* Mon Jan 06 2025 carnoldAATTsuse.com- Update to Xen 4.20.0 pre-release (jsc#PED-8907) xen-4.20.0-testing-src.tar.bz2- New Features
* On Arm: - Experimental support for Armv8-R. - Support for NXP S32G3 Processors Family and NXP LINFlexD UART driver. - Basic handling for SCMI requests over SMC using Shared Memory, by allowing forwarding the calls to EL3 FW if coming from hwdom. - Support for LLC (Last Level Cache) coloring.
* On x86: - xl suspend/resume subcommands. - Support for SRSO_U/S_NO and SRSO_MSR_FIX- Changed Features
* Fixed blkif protocol specification for sector sizes different than 512b.
* The dombuilder in libxenguest no longer un-gzips secondary modules, instead leaving this to the guest kernel to do in guest context.
* On x86: - Prefer ACPI reboot over UEFI ResetSystem() run time service call. - Switched the xAPIC flat driver to use physical destination mode for external interrupts instead of logical destination mode.- Removed Features
* On x86: - Support for running on Xeon Phi processors. - Removed the `ucode=allow-same` command line option. - Removed x2APIC Cluster Mode for external interrupts. x2APIC Physical and Mixed Modes are still available.- Dropped patches xsa466.patch
* Wed Dec 11 2024 oheringAATTsuse.de- Move /etc/bash_completion.d/xl back to %_datadir/bash-completion/completions
* Mon Dec 09 2024 carnoldAATTsuse.com- bsc#1234282 - VUL-0: xen: XSA-466: Xen hypercall page unsafe against speculative attacks xsa466.patch
* Wed Dec 04 2024 carnoldAATTsuse.com- Update to Xen 4.19.1 bug fix release (jsc#PED-8907) xen-4.19.1-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- Dropped patches 66a8b8ac-bunzip2-rare-failure.patch 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch 66d8690f-SUPPORT-split-XSM-from-Flask.patch 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch 66e44ae2-x86-ucode-AMD-buffer-underrun.patch 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch xsa463-01.patch xsa463-02.patch xsa463-03.patch xsa463-04.patch xsa463-05.patch xsa463-06.patch xsa463-07.patch xsa463-08.patch xsa463-09.patch xsa464.patch gcc14-fixes.patch
* Wed Oct 30 2024 carnoldAATTsuse.com- bsc#1232622 - VUL-0: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (XSA-463) xsa463-01.patch xsa463-02.patch xsa463-03.patch xsa463-04.patch xsa463-05.patch xsa463-06.patch xsa463-07.patch xsa463-08.patch xsa463-09.patch- bsc#1232624 - VUL-0: CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (XSA-464) xsa464.patch- Drop stdvga-cache.patch
* Tue Oct 29 2024 oheringAATTsuse.de- bsc#1232542 - remove usage of net-tools-deprecated from supportconfig plugin
* Thu Sep 26 2024 jbeulichAATTsuse.com- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (XSA-462) 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch Drop xsa462.patch- Upstream bug fixes (bsc#1027519) 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch 66d8690f-SUPPORT-split-XSM-from-Flask.patch 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch 66e44ae2-x86-ucode-AMD-buffer-underrun.patch 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
* Tue Sep 10 2024 carnoldAATTsuse.com- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (XSA-462) xsa462.patch
* Fri Aug 30 2024 Guillaume GARDET - Fix build on aarch64 with gcc14 (bsc#1225953) 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch
* Wed Aug 14 2024 carnoldAATTsuse.com- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86 IOMMU identity mapping (XSA-460) 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through with shared resources (XSA-461) 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch
* Tue Aug 06 2024 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 66a8b8ac-bunzip2-rare-failure.patch
* Tue Jul 30 2024 carnoldAATTsuse.com- Update to Xen 4.19.0 FCS release (jsc#PED-8907) xen-4.19.0-testing-src.tar.bz2- New Features
* On x86: - Introduce a new x2APIC driver that uses Cluster Logical addressing mode for IPIs and Physical addressing mode for external interrupts.
* On Arm: - FF-A notification support. - Introduction of dynamic node programming using overlay dtbo.
* Add a new 9pfs backend running as a daemon in dom0. First user is Xenstore-stubdom now being able to support full Xenstore trace capability.
* libxl support for backendtype=tap with tapback.- Changed Features
* Changed flexible array definitions in public I/O interface headers to not use \"1\" as the number of array elements.
* The minimum supported OCaml toolchain version is now 4.05
* On x86: - HVM PIRQs are disabled by default. - Reduce IOMMU setup time for hardware domain. - Allow HVM/PVH domains to map foreign pages. - Declare PVH dom0 supported with caveats.
* xl/libxl configures vkb=[] for HVM domains with priority over vkb_device.
* Increase the maximum number of CPUs Xen can be built for from 4095 to 16383.
* When building with Systemd support (./configure --enable-systemd), remove libsystemd as a build dependency. Systemd Notify support is retained, now using a standalone library implementation.
* xenalyze no longer requires `--svm-mode` when analyzing traces generated on AMD CPUs
* Code symbol annotations and MISRA compliance improvements.- Removed Features
* caml-stubdom. It hasn\'t built since 2014, was pinned to Ocaml 4.02, and has been superseded by the MirageOS/SOLO5 projects.
* /usr/bin/pygrub symlink. This was deprecated in Xen 4.2 (2012) but left for compatibility reasons. VMs configured with bootloader=\"/usr/bin/pygrub\" should be updated to just bootloader=\"pygrub\".
* The Xen gdbstub on x86.
* xentrace_format has been removed; use xenalyze instead.- Dropped patches contained in new tarball 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch 6627a5fc-x86-MTRR-inverted-WC-check.patch 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch 663090fd-x86-gen-cpuid-syntax.patch 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch 663d05b5-x86-ucode-distinguish-up-to-date.patch 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch 66450626-sched-set-all-sched_resource-data-inside-locked.patch 66450627-x86-respect-mapcache_domain_init-failing.patch 6646031f-x86-ucode-further-identify-already-up-to-date.patch 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch 667187cc-x86-Intel-unlock-CPUID-earlier.patch 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch 6672c846-x86-xstate-initialisation-of-XSS-cache.patch 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch xsa458.patch- Dropped patches no longer necessary bin-python3-conversion.patch migration-python3-conversion.patch
* Tue Jul 23 2024 Franz Sirl - Enable support for ZSTD and LZO compression formats
* Wed Jul 03 2024 carnoldAATTsuse.com- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86 guest IRQ handling (XSA-458) xsa458.patch
* Mon Jun 24 2024 jbeulichAATTsuse.com- bsc#1214718 - The system hangs intermittently when Power Control Mode is set to Minimum Power on SLES15SP5 Xen 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch- Upstream bug fixes (bsc#1027519) 66450626-sched-set-all-sched_resource-data-inside-locked.patch 66450627-x86-respect-mapcache_domain_init-failing.patch 6646031f-x86-ucode-further-identify-already-up-to-date.patch 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch 667187cc-x86-Intel-unlock-CPUID-earlier.patch 6672c846-x86-xstate-initialisation-of-XSS-cache.patch 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch
* Wed Jun 12 2024 Daniel Garcia - Fix python3 shebang in tools package (bsc#1212476)- Depend directly on %primary_python instead of python3 so this package will continue working without rebuilding even if python3 changes in the system.- Remove not needed patches, these patches adds the python3 shebang to some scripts, but that\'s done during the build phase so it\'s not needed: - bin-python3-conversion.patch - migration-python3-conversion.patch
* Tue Jun 04 2024 carnoldAATTsuse.com- bsc#1225953 - Package xen does not build with gcc14 because of new errors gcc14-fixes.patch
* Wed May 15 2024 jbeulichAATTsuse.com- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may trigger Xen bug check (XSA-454) 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch- Upstream bug fixes (bsc#1027519) 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch 6627a5fc-x86-MTRR-inverted-WC-check.patch 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch 663090fd-x86-gen-cpuid-syntax.patch 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch 663d05b5-x86-ucode-distinguish-up-to-date.patch 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch
* Tue Apr 09 2024 carnoldAATTsuse.com- Update to Xen 4.18.2 security bug fix release (bsc#1027519) xen-4.18.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may trigger Xen bug check (XSA-454)- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic for BTC/SRSO mitigations (XSA-455)- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch History Injection (XSA-456)- Dropped patch contained in new tarball 65f83951-x86-mm-use-block_lock_speculation-in.patch
* Mon Mar 25 2024 jbeulichAATTsuse.com- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative Race Conditions (XSA-453) 65f83951-x86-mm-use-block_lock_speculation-in.patch
* Fri Mar 15 2024 carnoldAATTsuse.com- Update to Xen 4.18.1 bug fix release (bsc#1027519) xen-4.18.1-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data Sampling (XSA-452)- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative Race Conditions (XSA-453)- Dropped patches included in new tarball 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch 655b2ba9-fix-sched_move_domain.patch 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch 656ee5e1-x86emul-avoid-triggering-event-assertions.patch 656ee602-cpupool-adding-offline-CPU.patch 656ee6c3-domain_create-error-path.patch 6571ca95-fix-sched_move_domain.patch 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch 65a7a0a4-x86-Intel-GPCC-setup.patch 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch 65b8f9ab-VT-d-else-vs-endif-misplacement.patch xsa451.patch
* Tue Feb 13 2024 carnoldAATTsuse.com- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs exceptions from emulation stubs (XSA-451) xsa451.patch
* Wed Jan 31 2024 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch 656ee5e1-x86emul-avoid-triggering-event-assertions.patch 656ee602-cpupool-adding-offline-CPU.patch 656ee6c3-domain_create-error-path.patch 6571ca95-fix-sched_move_domain.patch 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch 65a7a0a4-x86-Intel-GPCC-setup.patch 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions assigned to incorrect contexts (XSA-449) 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to quarantine devices in !HVM builds (XSA-450) 65b8f9ab-VT-d-else-vs-endif-misplacement.patch- Patches dropped / replaced by newer upstream versions xsa449.patch xsa450.patch
* Tue Jan 23 2024 carnoldAATTsuse.com- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to quarantine devices in !HVM builds (XSA-450) xsa450.patch
* Tue Jan 16 2024 carnoldAATTsuse.com- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions assigned to incorrect contexts (XSA-449) xsa449.patch
* Tue Nov 21 2023 carnoldAATTsuse.com- Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to provide better hypervisor security xen.spec
* Tue Nov 21 2023 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch 655b2ba9-fix-sched_move_domain.patch
* Mon Nov 20 2023 Bernhard Wiedemann - Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218)
* Thu Nov 16 2023 carnoldAATTsuse.com- Update to Xen 4.18.0 FCS release (jsc#PED-4984) xen-4.18.0-testing-src.tar.bz2
* Repurpose command line gnttab_max_{maptrack_,}frames options so they don\'t cap toolstack provided values.
* Ignore VCPUOP_set_singleshot_timer\'s VCPU_SSHOTTMR_future flag. The only known user doesn\'t use it properly, leading to in-guest breakage.
* The \"dom0\" option is now supported on Arm and \"sve=\" sub-option can be used to enable dom0 guest to use SVE/SVE2 instructions.
* Physical CPU Hotplug downgraded to Experimental and renamed \"ACPI CPU Hotplug\" for clarity
* On x86, support for features new in Intel Sapphire Rapids CPUs: - PKS (Protection Key Supervisor) available to HVM/PVH guests. - VM-Notify used by Xen to mitigate certain micro-architectural pipeline livelocks, instead of crashing the entire server. - Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system wide impact of a guest misusing atomic instructions.
* xl/libxl can customize SMBIOS strings for HVM guests.
* Add support for AVX512-FP16 on x86.
* On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview)
* On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator (Tech Preview)
* Add Intel Hardware P-States (HWP) cpufreq driver.
* On Arm, experimental support for dynamic addition/removal of Xen device tree nodes using a device tree overlay binary (.dtbo).
* Introduce two new hypercalls to map the vCPU runstate and time areas by physical rather than linear/virtual addresses.
* On x86, support for enforcing system-wide operation in Data Operand Independent Timing Mode.
* The project has now officially adopted 6 directives and 65 rules of MISRA-C.
* On x86, the \"pku\" command line option has been removed. It has never behaved precisely as described, and was redundant with the unsupported \"cpuid=no-pku\". Visibility of PKU to guests should be via its vm.cfg file.
* xenpvnetboot removed as unable to convert to Python 3.
* xencons is no longer supported or present. See 5d22d69b30- Droppped patches contained in new tarballs 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch 64d33a57-libxenstat-Linux-nul-terminate-string.patch aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch xen.stubdom.newlib.patch xsa446.patch xsa445.patch xsa438.patch xsa439-00.patch xsa439-01.patch xsa439-02.patch xsa439-03.patch xsa439-04.patch xsa439-05.patch xsa439-06.patch xsa439-07.patch xsa439-08.patch xsa439-09.patch xsa443-10.patch xsa443-11.patch xsa440.patch- Dropped xen-utils-0.1.tar.bz2 The xen-list and xen-destroy commands are removed. Originally created as a better replacement for \'xm\'. The \'xl\' equivalent commands should be used instead.- Dropped libxl.pvscsi.patch Support for PVSCSI devices in the guest is no longer supported.
* Thu Nov 02 2023 carnoldAATTsuse.com- bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not fully effective (XSA-446) xsa446.patch
* Fri Oct 27 2023 carnoldAATTsuse.com- bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in IOMMU quarantine page table levels (XSA-445) xsa445.patch
* Wed Oct 18 2023 jfehligAATTsuse.com- Supportconfig: Adapt plugin to modern supportconfig The supportconfig \'scplugin.rc\' file is deprecated in favor of supportconfig.rc\'. Adapt the xen plugin to the new scheme. xen-supportconfig
* Tue Oct 17 2023 jbeulichAATTsuse.com- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) 650abbfe-x86-shadow-defer-PV-top-level-release.patch- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional execution leak via division by zero (XSA-439) 64e5b4ac-x86-AMD-extend-Zenbleed-check.patch 65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch 65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch 65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch 65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch 65087004-x86-entry-restore_all_xen-stack_end.patch 65087005-x86-entry-track-IST-ness-of-entry.patch 65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch 65087007-x86-AMD-Zen-1-2-predicates.patch 65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU TLB flushing (XSA-442) 65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple vulnerabilities in libfsimage disk handling (XSA-443) 65263471-libfsimage-xfs-remove-dead-code.patch 65263472-libfsimage-xfs-amend-mask32lo.patch 65263473-libfsimage-xfs-sanity-check-superblock.patch 65263474-libfsimage-xfs-compile-time-check.patch 65263475-pygrub-remove-unnecessary-hypercall.patch 65263476-pygrub-small-refactors.patch 65263477-pygrub-open-output-files-earlier.patch 65263478-libfsimage-function-to-preload-plugins.patch 65263479-pygrub-deprivilege.patch 6526347a-libxl-allow-bootloader-restricted-mode.patch 6526347b-libxl-limit-bootloader-when-restricted.patch- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: Debug Mask handling (XSA-444) 6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch 6526347d-x86-PV-auditing-of-guest-breakpoints.patch- Upstream bug fixes (bsc#1027519) 64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch 64eef7e9-x86-reporting-spurious-i8259-interrupts.patch 64f71f50-Arm-handle-cache-flush-at-top.patch 65084ba5-x86-AMD-dont-expose-TscFreqSel.patch- Patches dropped / replaced by newer upstream versions xsa438.patch xsa439-00.patch xsa439-01.patch xsa439-02.patch xsa439-03.patch xsa439-04.patch xsa439-05.patch xsa439-06.patch xsa439-07.patch xsa439-08.patch xsa439-09.patch xsa442.patch xsa443-01.patch xsa443-02.patch xsa443-03.patch xsa443-04.patch xsa443-05.patch xsa443-06.patch xsa443-07.patch xsa443-08.patch xsa443-09.patch xsa443-10.patch xsa443-11.patch xsa444-1.patch xsa444-2.patch
* Wed Sep 27 2023 carnoldAATTsuse.com- bsc#1215744 - VUL-0: CVE-2023-34323: xen: xenstored: A transaction conflict can crash C Xenstored (XSA-440) xsa440.patch- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU TLB flushing (XSA-442) xsa442.patch- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple vulnerabilities in libfsimage disk handling (XSA-443) xsa443-01.patch xsa443-02.patch xsa443-03.patch xsa443-04.patch xsa443-05.patch xsa443-06.patch xsa443-07.patch xsa443-08.patch xsa443-09.patch xsa443-10.patch xsa443-11.patch- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: Debug Mask handling (XSA-444) xsa444-1.patch xsa444-2.patch
* Mon Sep 18 2023 carnoldAATTsuse.com- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional execution leak via division by zero (XSA-439) xsa439-00.patch xsa439-01.patch xsa439-02.patch xsa439-03.patch xsa439-04.patch xsa439-05.patch xsa439-06.patch xsa439-07.patch xsa439-08.patch xsa439-09.patch
* Fri Sep 08 2023 carnoldAATTsuse.com- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) xsa438.patch
* Sun Aug 13 2023 oheringAATTsuse.de- Handle potential unaligned access to bitmap in libxc-sr-restore-hvm-legacy-superpage.patch If setting BITS_PER_LONG at once, the initial bit must be aligned
* Thu Aug 10 2023 jbeulichAATTsuse.com- bsc#1212684 - xentop fails with long interface name 64d33a57-libxenstat-Linux-nul-terminate-string.patch
* Tue Aug 08 2023 carnoldAATTsuse.com- Update to Xen 4.17.2 bug fix release (bsc#1027519) xen-4.17.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative Return Stack Overflow (XSA-434)- bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data Sampling (XSA-435)- Dropped patches contained in new tarball 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch 645dec48-AMD-IOMMU-assert-boolean-enum.patch 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch 646b782b-PCI-pci_get_pdev-respect-segment.patch 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch 648863fc-AMD-IOMMU-Invalidate-All-check.patch 64bea1b2-x86-AMD-Zenbleed.patch
* Tue Aug 01 2023 oheringAATTsuse.de- Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch A bit is an index in bitmap, while bits is the allocated size of the bitmap.
* Fri Jul 28 2023 oheringAATTsuse.de- Add more debug to libxc-sr-track-migration-time.patch This is supposed to help with doing the math in case xl restore fails with ERANGE as reported in bug#1209311
* Tue Jul 25 2023 carnoldAATTsuse.com- bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed (XSA-433) 64bea1b2-x86-AMD-Zenbleed.patch
* Thu Jul 06 2023 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 645dec48-AMD-IOMMU-assert-boolean-enum.patch 646b782b-PCI-pci_get_pdev-respect-segment.patch 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch 648863fc-AMD-IOMMU-Invalidate-All-check.patch
* Mon May 22 2023 carnoldAATTsuse.com- bsc#1211433 - VUL-0: CVE-2022-42336: xen: Mishandling of guest SSBD selection on AMD hardware (XSA-431) 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
* Thu May 04 2023 carnoldAATTsuse.com- bsc#1210570 - gcc-13 realloc use-after-free analysis error 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
* Fri Apr 28 2023 carnoldAATTsuse.com- bsc#1209237 - xen-syms doesn\'t contain debug-info 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
* Thu Apr 27 2023 carnoldAATTsuse.com- Update to Xen 4.17.1 bug fix release (bsc#1027519) xen-4.17.1-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- Dropped patches contained in new tarball 63a03b73-VMX-VMExit-based-BusLock-detection.patch 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch 63a03bce-VMX-Notify-VMExit.patch 63a03e28-x86-high-freq-TSC-overflow.patch 63c05478-VMX-calculate-model-specific-LBRs-once.patch 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch 640f3035-x86-altp2m-help-gcc13.patch 641041e8-VT-d-constrain-IGD-check.patch 64104238-bunzip-gcc13.patch 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch 64199e0c-x86-shadow-account-for-log-dirty-mode.patch 64199e0d-x86-HVM-bound-number-of-pca-regions.patch 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch libxl.fix-guest-kexec-skip-cpuid-policy.patch xsa430.patch
* Tue Apr 11 2023 carnoldAATTsuse.com- bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging arbitrary pointer dereference (XSA-430) xsa430.patch
* Fri Mar 31 2023 carnoldAATTsuse.com- Not building the shim is correctly handled by --disable-pvshim Drop disable-building-pv-shim.patch
* Thu Mar 23 2023 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 63a03b73-VMX-VMExit-based-BusLock-detection.patch 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch 63a03bce-VMX-Notify-VMExit.patch 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch 641041e8-VT-d-constrain-IGD-check.patch 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch- Use \"proper\" upstream backports: 640f3035-x86-altp2m-help-gcc13.patch 64104238-bunzip-gcc13.patch 64199e0c-x86-shadow-account-for-log-dirty-mode.patch 64199e0d-x86-HVM-bound-number-of-pca-regions.patch 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch- ... in place of: bunzip-gcc13.patch altp2m-gcc13.patch xsa427.patch xsa428-1.patch xsa428-2.patch xsa429.patch
* Thu Mar 16 2023 oheringAATTsuse.de- bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs libxl.fix-guest-kexec-skip-cpuid-policy.patch
* Tue Mar 07 2023 carnoldAATTsuse.com- bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus log-dirty mode use-after-free (XSA-427) xsa427.patch- bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM pinned cache attributes mis-handling (XSA-428) xsa428-1.patch xsa428-2.patch- bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative vulnerability in 32bit SYSCALL path (XSA-429) xsa429.patch
* Thu Mar 02 2023 carnoldAATTsuse.com- bsc#1208736 - GCC 13: xen package fails bunzip-gcc13.patch altp2m-gcc13.patch- Drop gcc13-fixes.patch
* Tue Feb 28 2023 carnoldAATTsuse.com- bsc#1208736 - GCC 13: xen package fails gcc13-fixes.patch
* Wed Feb 15 2023 carnoldAATTsuse.com- bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return Address Predictions (XSA-426) 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
* Thu Feb 09 2023 carnoldAATTsuse.com- bsc#1205792 - Partner-L3: launch-xenstore error messages show in SLES15 SP4 xen kernel. 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
* Mon Feb 06 2023 jbeulichAATTsuse.com- bsc#1026236 - tidy/modernize patch xen.bug1026236.suse_vtsc_tolerance.patch
* Mon Feb 06 2023 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 63c05478-VMX-calculate-model-specific-LBRs-once.patch 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause Xenstore crash via soft reset (XSA-425) xsa425.patch -> 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
* Wed Jan 25 2023 carnoldAATTsuse.com- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause Xenstore crash via soft reset (XSA-425) xsa425.patch
* Tue Jan 03 2023 Stefan Schubert - Migration of PAM settings to /usr/lib/pam.d.
* Tue Dec 20 2022 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 63a03e28-x86-high-freq-TSC-overflow.patch
* Thu Dec 08 2022 carnoldAATTsuse.com- Update to Xen 4.17.0 FCS release (jsc#PED-1858) xen-4.17.0-testing-src.tar.bz2
* On x86 \"vga=current\" can now be used together with GrUB2\'s gfxpayload setting. Note that this requires use of \"multiboot2\" (and \"module2\") as the GrUB commands loading Xen.
* The \"gnttab\" option now has a new command line sub-option for disabling the GNTTABOP_transfer functionality.
* The x86 MCE command line option info is now updated.
* Out-of-tree builds for the hypervisor now supported.
* __ro_after_init support, for marking data as immutable after boot.
* The project has officially adopted 4 directives and 24 rules of MISRA-C, added MISRA-C checker build integration, and defined how to document deviations.
* IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones when they don\'t share page tables with the CPU (HAP / EPT / NPT).
* Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD.
* Improved TSC, CPU, and APIC clock frequency calibration on x86.
* Support for Xen using x86 Control Flow Enforcement technology for its own protection. Both Shadow Stacks (ROP protection) and Indirect Branch Tracking (COP/JOP protection).
* Add mwait-idle support for SPR and ADL on x86.
* Extend security support for hosts to 12 TiB of memory on x86.
* Add command line option to set cpuid parameters for dom0 at boot time on x86.
* Improved static configuration options on Arm.
* cpupools can be specified at boot using device tree on Arm.
* It is possible to use PV drivers with dom0less guests, allowing statically booted dom0less guests with PV devices.
* On Arm, p2m structures are now allocated out of a pool of memory set aside at domain creation.
* Improved mitigations against Spectre-BHB on Arm.
* Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm.
* Allow setting the number of CPUs to activate at runtime from command line option on Arm.
* Grant-table support on Arm was improved and hardened by implementing \"simplified M2P-like approach for the xenheap pages\"
* Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm.
* Add i.MX lpuart and i.MX8QM support on Arm.
* Improved toolstack build system.
* Add Xue - console over USB 3 Debug Capability.
* gitlab-ci automation: Fixes and improvements together with new tests.
* dropped support for the (x86-only) \"vesa-mtrr\" and \"vesa-remap\" command line options- Drop patches contained in new tarball or invalid 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch xsa410-01.patch xsa410-02.patch xsa410-03.patch xsa410-04.patch xsa410-05.patch xsa410-06.patch xsa410-07.patch xsa410-08.patch xsa410-09.patch xsa410-10.patch xsa411.patch
* Wed Sep 28 2022 carnoldAATTsuse.com- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may take excessively long (XSA-410) xsa410-01.patch xsa410-02.patch xsa410-03.patch xsa410-04.patch xsa410-05.patch xsa410-06.patch xsa410-07.patch xsa410-08.patch xsa410-09.patch xsa410-10.patch- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in transitive grant copy handling (XSA-411) xsa411.patch
* Wed Aug 31 2022 Stefan Schubert - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update.
* Mon Aug 29 2022 carnoldAATTsuse.com- bsc#1201994 - Xen DomU unable to emulate audio device 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
* Tue Aug 23 2022 carnoldAATTsuse.com- Things are compiling fine now with gcc12. Drop gcc12-fixes.patch
* Thu Aug 18 2022 carnoldAATTsuse.com- Update to Xen 4.16.2 bug fix release (bsc#1027519) xen-4.16.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage- Drop patches contained in new tarball 625fca42-VT-d-reserved-CAP-ND.patch 626f7ee8-x86-MSR-handle-P5-MC-reads.patch 627549d6-IO-shutdown-race.patch 62a1e594-x86-clean-up-_get_page_type.patch 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch 62a1e649-x86-track-and-flush-non-coherent.patch 62a99614-IOMMU-x86-gcc12.patch 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch 62cc31ee-cmdline-extend-parse_boolean.patch 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch 62cd91d0-x86-spec-ctrl-rework-context-switching.patch 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch 62cd91d5-x86-cpuid-BTC_NO-enum.patch 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch xsa408.patch
* Thu Jul 28 2022 oheringAATTsuse.de- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels A previous change to the built-in default had a logic error, effectively restoring the upstream limit of 1023 channels per domU. Fix the logic to calculate the default based on the number of vcpus. adjust libxl.max_event_channels.patch
* Wed Jul 13 2022 carnoldAATTsuse.com- Added --disable-pvshim when running configure in xen.spec. We have never shipped the shim and don\'t need to build it.
* Wed Jul 13 2022 jbeulichAATTsuse.com- bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition in typeref acquisition 62a1e594-x86-clean-up-_get_page_type.patch 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch- bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen: Insufficient care with non-coherent mappings 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch 62a1e649-x86-track-and-flush-non-coherent.patch- bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166: xen: x86: MMIO Stale Data vulnerabilities (XSA-404) 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch- bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900: xen: retbleed - arbitrary speculative code execution with return instructions (XSA-407) 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch 62cc31ee-cmdline-extend-parse_boolean.patch 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch 62cd91d0-x86-spec-ctrl-rework-context-switching.patch 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch 62cd91d5-x86-cpuid-BTC_NO-enum.patch 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch- Upstream bug fixes (bsc#1027519) 62a99614-IOMMU-x86-gcc12.patch 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch- Drop patches replaced by upstream versions xsa401-1.patch xsa401-2.patch xsa402-1.patch xsa402-2.patch xsa402-3.patch xsa402-4.patch xsa402-5.patch
* Tue Jul 12 2022 carnoldAATTsuse.com- bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) xsa408.patch- Fix gcc13 compilation error 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
* Tue Jun 28 2022 Stefan Schubert - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d.
* Wed Jun 08 2022 jbeulichAATTsuse.com- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: Insufficient care with non-coherent mappings fix xsa402-5.patch
* Tue May 31 2022 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 625fca42-VT-d-reserved-CAP-ND.patch 626f7ee8-x86-MSR-handle-P5-MC-reads.patch 627549d6-IO-shutdown-race.patch- bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition in typeref acquisition xsa401-1.patch xsa401-2.patch- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: Insufficient care with non-coherent mappings xsa402-1.patch xsa402-2.patch xsa402-3.patch xsa402-4.patch xsa402-5.patch
* Tue May 10 2022 Dirk Müller - fix python3 >= 3.10 version detection
* Wed Apr 13 2022 carnoldAATTsuse.com- Update to Xen 4.16.1 bug fix release (bsc#1027519) xen-4.16.1-testing-src.tar.bz2- Drop patches contained in new tarball 61b31d5c-x86-restrict-all-but-self-IPI.patch 61b88e78-x86-CPUID-TSXLDTRK-definition.patch 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch 61e0296a-x86-time-calibration-relative-counts.patch 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch 61e98e88-x86-introduce-get-set-reg-infra.patch 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch 61eaaa23-x86-get-set-reg-infra-build.patch 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch 61f933a4-x86-cpuid-advertise-SSB_NO.patch 61f933a5-x86-drop-use_spec_ctrl-boolean.patch 61f933a6-x86-new-has_spec_ctrl-boolean.patch 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch 61f933a8-x86-SPEC_CTRL-record-last-write.patch 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch 61f933ab-x86-AMD-SPEC_CTRL-infra.patch 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch 6202afa4-x86-TSX-move-has_rtm_always_abort.patch 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch 6202afa8-x86-Intel-PSFD-for-guests.patch 62278667-Arm-introduce-new-processors.patch 62278668-Arm-move-errata-CSV2-check-earlier.patch 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch 6227866a-Arm-Spectre-BHB-handling.patch 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch 6227866c-x86-AMD-cease-using-thunk-lfence.patch 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch 624ebcef-VT-d-dont-needlessly-look-up-DID.patch 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch xsa397.patch xsa399.patch xsa400-01.patch xsa400-02.patch xsa400-03.patch xsa400-04.patch xsa400-05.patch xsa400-06.patch xsa400-07.patch xsa400-08.patch xsa400-09.patch xsa400-10.patch xsa400-11.patch xsa400-12.patch
* Fri Apr 08 2022 jbeulichAATTsuse.com- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues (XSA-400) 624ebcef-VT-d-dont-needlessly-look-up-DID.patch 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
* Mon Apr 04 2022 carnoldAATTsuse.com- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions between dirty vram tracking and paging log dirty hypercalls (XSA-397) xsa397.patch- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID cleanup (XSA-399) xsa399.patch- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues (XSA-400) xsa400-01.patch xsa400-02.patch xsa400-03.patch xsa400-04.patch xsa400-05.patch xsa400-06.patch xsa400-07.patch xsa400-08.patch xsa400-09.patch xsa400-10.patch xsa400-11.patch xsa400-12.patch- Additional upstream bug fixes for XSA-400 (bsc#1027519) 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
* Mon Mar 14 2022 jbeulichAATTsuse.com- bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401: xen: BHB speculation issues (XSA-398) 62278667-Arm-introduce-new-processors.patch 62278668-Arm-move-errata-CSV2-check-earlier.patch 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch 6227866a-Arm-Spectre-BHB-handling.patch 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch 6227866c-x86-AMD-cease-using-thunk-lfence.patch
* Thu Mar 03 2022 carnoldAATTsuse.com- bsc#1196545 - GCC 12: xen package fails gcc12-fixes.patch
* Mon Feb 14 2022 jbeulichAATTsuse.com- Upstream bug fixes (bsc#1027519) 61e0296a-x86-time-calibration-relative-counts.patch 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch 61e98e88-x86-introduce-get-set-reg-infra.patch 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch 61eaaa23-x86-get-set-reg-infra-build.patch 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch 61f933a4-x86-cpuid-advertise-SSB_NO.patch 61f933a5-x86-drop-use_spec_ctrl-boolean.patch 61f933a6-x86-new-has_spec_ctrl-boolean.patch 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch 61f933a8-x86-SPEC_CTRL-record-last-write.patch 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch 61f933ab-x86-AMD-SPEC_CTRL-infra.patch 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch 6202afa4-x86-TSX-move-has_rtm_always_abort.patch 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch 6202afa8-x86-Intel-PSFD-for-guests.patch- Drop patches replaced by the above: xsa393.patch xsa394.patch xsa395.patch libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Thu Jan 13 2022 carnoldAATTsuse.com- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm: guest_physmap_remove_page not removing the p2m mappings (XSA-393) xsa393.patch- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS Xen while unmapping a grant (XSA-394) xsa394.patch- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of passed-through device IRQs (XSA-395) xsa395.patch
* Wed Jan 12 2022 carnoldAATTsuse.com- bsc#1191668 - L3: issue around xl and virsh operation - virsh list not giving any output (see also bsc#1194267) libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Tue Jan 11 2022 carnoldAATTsuse.com- bsc#1193307 - pci backend does not exist when attach a vf to a pv guest libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch Drop libxl-PCI-defer-backend-wait.patch
* Thu Jan 06 2022 jbeulichAATTsuse.com- bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains an sriov device 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch- Upstream bug fixes (bsc#1027519) 61b31d5c-x86-restrict-all-but-self-IPI.patch 61b88e78-x86-CPUID-TSXLDTRK-definition.patch 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
* Tue Jan 04 2022 James Fehlig - Collect active VM config files in the supportconfig plugin xen-supportconfig
  
ICM