Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

lib64xen3.0-4.16.1-4.mga9 RPM for aarch64

From Mageia Cauldron for aarch64 / media / core / release

Name: lib64xen3.0 Distribution: Mageia
Version: 4.16.1 Vendor: Mageia.Org
Release: 4.mga9 Build date: Fri Jul 8 15:03:35 2022
Group: System/Libraries Build host: localhost
Size: 1479280 Source RPM: xen-4.16.1-4.mga9.src.rpm
Packager: tv <tv>
Summary: Libraries for Xen tools
This package contains the libraries needed to run applications
which manage Xen virtual machines.




GPLv2+ and LGPLv2+ and BSD


* Fri Jul 08 2022 tv <tv> 4.16.1-4.mga9
  + Revision: 1868019
  - Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365,
    	CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747)
* Wed Jun 29 2022 tv <tv> 4.16.1-3.mga9
  + Revision: 1866672
  - x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123,
    	CVE-2022-21125, CVE-2022-21166]
  - x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362]
  - x86 pv: Insufficient care with non-coherent mappings [ XSA-402,
    	CVE-2022-26363, CVE-2022-26364]
  - additional patches so above applies cleanly
* Thu May 19 2022 pterjan <pterjan> 4.16.1-2.mga9
  + Revision: 1859023
  - Rebuild for OCaml 4.14
* Fri Apr 15 2022 tv <tv> 4.16.1-1.mga9
  + Revision: 1850236
  - update to xen-4.16.1
  - strip .efi file to help EFI partitions with limited space
* Wed Apr 06 2022 tv <tv> 4.16.0-7.mga9
  + Revision: 1846236
  - Racy interactions between dirty vram tracking and paging log dirty
    	hypercalls [XSA-397, CVE-2022-26356]
  - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
  - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
    	CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]
  - additional patches so above applies cleanly
* Tue Mar 22 2022 tv <tv> 4.16.0-6.mga9
  + Revision: 1817555
  - Fix filelist on armv7hl
* Tue Mar 22 2022 tv <tv> 4.16.0-5.mga9
  + Revision: 1816807
  - Reenable EFI build & cross-compiling on ia32
  - fix build of xen*.efi file and package it in /usr/lib*/efi
  - Use -Wno-error=use-after-free for gcc12
* Wed Mar 16 2022 tv <tv> 4.16.0-4.mga9
  + Revision: 1794756
  - Multiple speculative security issues [XSA-398]
  - additional patches so above applies cleanly
* Mon Feb 14 2022 tv <tv> 4.16.0-3.mga9
  + Revision: 1774873
  - Disable docs for now
  - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393,
    	CVE-2022-23033] (#2045044)
  - A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034]
  - Insufficient cleanup of passed-through device IRQs [XSA-395,
    	CVE-2022-23035] (#2045040)
  + tmb <tmb>
  - rebuild for python 3.10
* Tue Jan 11 2022 tv <tv> 4.16.0-1.mga9
  + Revision: 1767945
  - Move /lib/xenfsimage into library package
  - don't build qemu-traditional or pv-grub by default (following upstream)
  - fix some incorrect dependencies on building qemu-traditional
  - rework seabios configure logic (bios.bin is no longer useful)
  - unpackage /boot/EFI/EFI/mageia/xen*.efi
  - frontends vulnerable to backends [XSA-376] (document change only)
  - change grub module package dependencies from Suggests to Recommends
    and move to hypervisor package
  - Revert back iproute2 -> iproute for easier comp with FC (it's provided)
  - 4.16.0
* Wed Nov 24 2021 tv <tv> 4.15.1-2.mga9
  + Revision: 1759032
  - guests may exceed their designated memory limit [XSA-385, CVE-2021-28706]
  - PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707
  - issues with partially successful P2M updates on x86 [XSA-389,
    	CVE-2021-28705, CVE-2021-28709]
  - certain VT-d IOMMUs may not work in shared page table mode [XSA-390,
* Mon Nov 01 2021 tv <tv> 4.15.1-1.mga9
  + Revision: 1753539
  - update to xen-4.15.1
    remove or adjust patches now included or superceded upstream
  - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702]
* Thu Oct 14 2021 tv <tv> 4.15.0-6.mga9
  + Revision: 1751385
  - Rebuild for ocaml 4.13.1
* Sun Jun 13 2021 tv <tv> 4.15.0-5.mga9
  + Revision: 1730567
  - xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693]
  - inappropriate x86 IOMMU timeout detection / handling
    	[XSA-373, CVE-2021-28692] (#1970540)
  - Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313]
  - x86: TSX Async Abort protections not restored after S3
    	[XSA-377, CVE-2021-28690] (#1970546)
* Thu May 06 2021 tv <tv> 4.15.0-4.mga9
  + Revision: 1721691
  - Update patches
  - Bump ABI
  + alien <alien>
  - Ensure ocaml version due to needed features
  - Fix iproute2 build requirement
* Sun Apr 18 2021 tv <tv> 4.15.0-3.mga9
  + Revision: 1716814
  - 4.15.0
  - Rediff patches
  - Drop merged patches
* Sun Mar 28 2021 tv <tv> 4.14.1-4.mga9
  + Revision: 1711256
  - HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (rhbz#1940610)
  - Adjust efi test to stop build failing
* Sat Mar 27 2021 tv <tv> 4.14.1-3.mga9
  + Revision: 1711236
  - Only disable EFI filelist on x86_64
  - Temporary remove EFI from filelist due to "xen.efi generation disabled" (????)
  - Build fixes for OCaml 4.12.0
* Sun Feb 28 2021 tv <tv> 4.14.1-2.mga9
  + Revision: 1693573
  - Linux: display frontend "be-alloc" mode is unsupported (comment only)
    	[XSA-363, CVE-2021-26934] (#1929549)
  - arm: The cache may not be cleaned for newly allocated scrubbed pages
    	[XSA-364, CVE-2021-26933] (#1929547)
  - backport upstream zstd dom0 and guest patches
  - BR libzstd
  - add weak dependency on grub modules to improve initial boot setup
  - IRQ vector leak on x86 [XSA-360]
* Mon Dec 21 2020 tv <tv> 4.14.1-1.mga8
  + Revision: 1662465
  - update to 4.14.1
* Wed Dec 16 2020 tv <tv> 4.14.0-11.mga8
  + Revision: 1658002
  - xenstore watch notifications lacking permission checks [XSA-115,
    	CVE-2020-29480] (rhbz#1908091)
  - Xenstore: new domains inheriting existing node permissions [XSA-322,
    	CVE-2020-29481] (rhbz#1908095)
  - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (rhbz#1908096)
  - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484]
  - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483]
  - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485]
  - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566]
  - oxenstored: node ownership can be changed by unprivileged clients
    	[XSA-352, CVE-2020-29486] (rhbz#1908002)
  - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479]
  - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567]
  - FIFO event channels control block related ordering [XSA-358,
    	CVE-2020-29570] (rhbz#1907931)
  - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571]
  - Work around another gcc-11 stringop-overflow diagnostic
* Wed Nov 25 2020 tv <tv> 4.14.0-10.mga8
  + Revision: 1649191
  - stack corruption from XSA-346 change [XSA-355]
* Mon Nov 23 2020 tv <tv> 4.14.0-9.mga8
  + Revision: 1648810
  - Support zstd compressed kernels (dom0 only) based on linux kernel code
* Wed Nov 11 2020 tv <tv> 4.14.0-8.mga8
  + Revision: 1644447
  - Information leak via power sidechannel [XSA-351, CVE-2020-28368]
* Wed Nov 04 2020 tv <tv> 4.14.0-7.mga8
  + Revision: 1642581
  - revised patch for XSA-286 (mitigating performance impact)
  - Work around gcc-11 stringop-overflow diagnostics as well
* Thu Oct 29 2020 tv <tv> 4.14.0-6.1.mga8
  + Revision: 1640521
  - updage grub2 config when (un)installing hypervisor
  - x86 PV guest INVLPG-like flushes may leave stale TLB entries
    	[XSA-286, CVE-2020-27674] (#1891092)
  - some fixes for gcc 11
  - switch to systemd macros, use them in the sub pkgs
  - drop the requires on grub (useless)
  - drop the requires on kmod (already in basesystem)
  - drop obsolete BR on texi2html ghostscript tetex-latex
  - requires kpartx
  - fix license
* Wed Oct 21 2020 tv <tv> 4.14.0-5.mga8
  + Revision: 1637766
  - create a xen-licenses collecting all sub licenses
  - split runtime in order to minimize deps
  - add xen-hypervisor-abi provides
  - do not hard requires the full qemu stack (deps!)
* Tue Oct 20 2020 tv <tv> 4.14.0-4.mga8
  + Revision: 1637400
  - x86: Race condition in Xen mapping code [XSA-345]
  - undue deferral of IOMMU TLB flushes [XSA-346]
  - unsafe AMD IOMMU page table updates [XSA-347]
  - do not require non existing kernel-server on arm
* Wed Sep 23 2020 tv <tv> 4.14.0-3.mga8
  + Revision: 1629525
  - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333,
    	CVE-2020-25602] (rhbz#1881619)
  - Missing unlock in XENMEM_acquire_resource error path [XSA-334,
    	CVE-2020-25598] (rhbz#1881616)
  - race when migrating timers between x86 HVM vCPU-s [XSA-336,
    	CVE-2020-25604] (rhbz#1881618)
  - PCI passthrough code reading back hardware registers [XSA-337,
    	CVE-2020-25595] (rhbz#1881587)
  - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597]
  - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596]
  - Missing memory barriers when accessing/allocating an event channel [XSA-340,
    	CVE-2020-25603] (rhbz#1881583)
  - out of bounds event channels available to 32-bit x86 domains [XSA-342,
    	CVE-2020-25600] (rhbz#1881582)
  - races with evtchn_reset() [XSA-343, CVE-2020-25599] (rhbz#1881581)
  - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344,
    	CVE-2020-25601] (rhbz#1881586)
* Tue Aug 25 2020 tv <tv> 4.14.0-2.mga8
  + Revision: 1618903
  - QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364]
* Sat Aug 01 2020 tv <tv> 4.14.0-1.mga8
  + Revision: 1610277
  - update to 4.14.0
    remove or adjust patches now included or superceded upstream
    adjust xen.hypervisor.config
    bison and flex packages now needed for hypervisor build
    /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added
    	with associated libraries and man page
  - revise documentation build dependencies
    drop tex, texinfo, ghostscript, graphviz, discount
    add perl(Pod::Html) perl(File::Find)
  - additional build dependency for ocaml on perl(Data::Dumper)
* Wed Jul 08 2020 tv <tv> 4.13.1-3.mga8
  + Revision: 1603032
  - incorrect error handling in event channel port allocation leads to
    	DoS [XSA-317, CVE-2020-15566] (#1854465)
  - inverted code paths in x86 dirty VRAM tracking leads to DoS
    	[XSA-319, CVE-2020-15563] (#1854463)
  - xen: insufficient cache write-back under VT-d leads to DoS
    	[XSA-321, CVE-2020-15565] (#1854467)
  - missing alignment check in VCPUOP_register_vcpu_info leads to DoS
    	[XSA-327, CVE-2020-15564] (#1854458)
  - non-atomic modification of live EPT PTE leads to DoS
    	[XSA-328, CVE-2020-15567] (#1854464)



Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Nov 9 09:27:34 2022