-
xen (4.1.5-0ubuntu0.12.10.3) quantal-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-1892, CVE-2014-1893 / XSA-84
* flask: restrict allocations done by hypercall interface
- CVE-2014-1666 / XSA-87
* x86: PHYSDEVOP_{prepare,release}_msix are privileged
- CVE-2014-1950 / XSA-88
* libxc: Fix out-of-memory error handling in xc_cpupool_getinfo()
-- Stefan Bader <email address hidden> Mon, 17 Feb 2014 16:26:55 +0100
-
xen (4.1.5-0ubuntu0.12.10.2) quantal-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-1432 / XSA-58
* Page reference counting error due to XSA-45/CVE-2013-1918 fixes
- CVE-2013-4329 / XSA-61
* libxl partially sets up HVM passthrough even with disabled iommu
- CVE-2013-1442 / XSA-62
* Information leak on AVX and/or LWP capable CPUs
- CVE-2013-4355 / XSA-63
- CVE-2013-4361 / XSA-66
Information leak through fbld instruction emulation
- CVE-2013-4368 / XSA-67
* Information leak through outs instruction emulation
- CVE-2013-4370 / XSA-69
* misplaced free in ocaml xc_vcpu_getaffinity stub
- CVE-2013-4416 / XSA-72
* ocaml xenstored mishandles oversized message replies
- CVE-2013-4494 / XSA-73
* Lock order reversal between page allocation and grant table locks
- CVE-2013-4553 / XSA-74
* Lock order reversal between page_alloc_lock and mm_rwlock
- CVE-2013-4554 / XSA-76
* Hypercalls exposed to privilege rings 1 and 2 of HVM guests
- CVE-2013-6885 / XSA-82
* Guest triggerable AMD CPU erratum may cause host hang
-- Stefan Bader <email address hidden> Mon, 09 Dec 2013 19:27:27 +0100
-
xen (4.1.5-0ubuntu0.12.10.1) quantal-proposed; urgency=low
* Updating to lastest upstream stable release (LP: #1180396).
* Update to upstream 4.1.5:
- Replacing the following security changes by upstream versions:
* CVE-2012-5634 / XSA-33, CVE-2013-0153 / XSA-36,
CVE-2013-0215 / XSA-38, CVE-2012-6075 / XSA-41,
CVE-2013-1917 / XSA-44, CVE-2013-1919 / XSA-46,
CVE-2013-1920 / XSA-47, CVE-2013-1964 / XSA-50
- Bug fixes:
* ACPI APEI/ERST finally working on production systems
* Bug fixes for other low level system state handling
* Support for xz compressed Dom0 and DomU kernels
* Update to upstream 4.1.4:
- Replacing the following security changes by upstream versions:
* CVE-2012-3494 / XSA-12, CVE-2012-3495 / XSA-13,
CVE-2012-3496 / XSA-14, CVE-2012-3498 / XSA-16,
CVE-2012-3515 / XSA-17, CVE-2012-4411 / XSA-19,
CVE-2012-4535 / XSA-20, CVE-2012-4536 / XSA-21,
CVE-2012-4537 / XSA-22, CVE-2012-4538 / XSA-23,
CVE-2012-4539 / XSA-24, CVE-2012-4544 / XSA-25,
CVE-2012-2625 / XSA-25, CVE-2012-5510 / XSA-26,
CVE-2012-5511 / XSA-27, CVE-2012-5512 / XSA-28,
CVE-2012-5513 / XSA-29, CVE-2012-5514 / XSA-30,
CVE-2012-5515 / XSA-31
- Bug fixes:
* A fix for a long standing time management issue
* Bug fixes for S3 (suspend to RAM) handling
* Bug fixes for other low level system state handling
* Dropping the following patches previously added as they are included
in the upstream stable release:
- 0008-vmx-Simplify-cr0-update-handling-by-deferring-cr4-ch.patch
- 0009-VMX-disable-SMEP-feature-when-guest-is-in-non-paging.patch
- 0010-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-.patch
* Fix translation import problem caused by duplicate message ID
(LP: #1176209).
- tools-xm-fix-duplicate-msgid.patch
-- Stefan Bader <email address hidden> Thu, 02 May 2013 13:14:43 -0700
-
xen (4.1.3-3ubuntu1.7) quantal-security; urgency=low
* Applying Xen Security Advisories
- CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA55
* libelf: abolish libelf-relocate.c
* libxc: introduce xc_dom_seg_to_ptr_pages
* libxc: Fix range checking in xc_dom_pfn_to_ptr etc.
* libelf: abolish elf_sval and elf_access_signed
* libelf/xc_dom_load_elf_symtab: Do not use "syms" uninitialised
* libelf: introduce macros for memory access and pointer handling
* tools/xcutils/readnotes: adjust print_l1_mfn_valid_note
* libelf: check nul-terminated strings properly
* libelf: check all pointer accesses
* libelf: Check pointer references in elf_is_elfbinary
* libelf: Make all callers call elf_check_broken
* libelf: use C99 bool for booleans
* libelf: use only unsigned integers
* libxc: Introduce xc_bitops.h
* libelf: check loops for running away
* libelf: abolish obsolete macros
* libxc: Add range checking to xc_dom_binloader
* libxc: check failure of xc_dom_*_to_ptr, xc_map_foreign_range
* libxc: check return values from malloc
* libxc: range checks in xc_dom_p2m_host and _guest
* libxc: check blob size before proceeding in xc_dom_check_gzip
- CVE-XXXX-XXXX / XSA57
* libxl: Restrict permissions on PV console device xenstore nodes
-- Stefan Bader <email address hidden> Fri, 21 Jun 2013 14:44:27 +0200
-
xen (4.1.3-3ubuntu1.6) quantal-security; urgency=low
* Applying Xen Security Advisories
- CVE-2013-1918 / XSA-45
* x86: make vcpu_destroy_pagetables() preemptible
* x86: make new_guest_cr3() preemptible
* x86: make MMUEXT_NEW_USER_BASEPTR preemptible
* x86: make vcpu_reset() preemptible
* x86: make arch_set_info_guest() preemptible
* x86: make page table unpinning preemptible
* x86: make page table handling error paths preemptible
- CVE-2013-1952 / XSA-49
* VT-d: don't permit SVT_NO_VERIFY entries for known device types
- CVE-2013-1964 / XSA-50
* Fix rcu domain locking for transitive grants
- CVE-2013-2076 / XSA-52
* x86/xsave: fix information leak on AMD CPUs
- CVE-2013-2077 / XSA-53
* x86/xsave: recover from faults on XRSTOR
- CVE-2013-2078 / XSA-54
* x86/xsave: properly check guest input to XSETBV
- CVE-2013-2072 / XSA-56
* libxc: limit cpu values when setting vcpu affinity
-- Stefan Bader <email address hidden> Thu, 06 Jun 2013 16:04:42 +0200
-
xen (4.1.3-3ubuntu1.5) quantal-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-1917 / XSA-44
x86: clear EFLAGS.NT in SYSENTER entry path
- CVE-2013-1919 / XSA-46
x86: fix various issues with handling guest IRQs
- CVE-2013-1920 / XSA-47
defer event channel bucket pointer store until after XSM checks
-- Stefan Bader <email address hidden> Thu, 11 Apr 2013 16:05:32 +0200
-
xen (4.1.3-3ubuntu1.4) quantal-proposed; urgency=low
* Fix HVM VCPUs getting stuck on boot when host supports SMEP (LP: #1157757)
- 0008-vmx-Simplify-cr0-update-handling-by-deferring-cr4-ch.patch
- 0009-VMX-disable-SMEP-feature-when-guest-is-in-non-paging.patch
- 0010-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-.patch
-- Stefan Bader <email address hidden> Mon, 08 Apr 2013 14:37:33 +0200
-
xen (4.1.3-3ubuntu1.3) quantal-security; urgency=low
* Applying Xen Security Advisories:
- ACPI: acpi_table_parse() should return handler's error code
CVE-2013-0153 / XSA-36
- oxenstored incorrect handling of certain Xenbus ring states
CVE-2013-0215 / XSA-38
-- Stefan Bader <email address hidden> Wed, 30 Jan 2013 12:10:44 +0100
-
xen (4.1.3-3ubuntu1.2) quantal-security; urgency=low
* Applying Xen Security Advisory:
- VT-d: fix interrupt remapping source validation for devices behind
legacy bridges
CVE-2012-5634
* Applying qemu security fixes:
- e1000: Discard packets that are too long if !SBP and !LPE
CVE-2012-6075
- Discard packets longer than 16384 when !SBP to match the hardware
behavior.
CVE-2012-6075
-- Stefan Bader <email address hidden> Mon, 07 Jan 2013 18:27:43 +0100
-
xen (4.1.3-3ubuntu1.1) quantal-security; urgency=low
* Applying Xen Security fixes (LP: #1086801, #1086875)
- VCPU/timers: Prevent overflow in calculations, leading to DoS
vulnerability
CVE-2012-4535
- x86/physdev: Range check pirq parameter from guests
CVE-2012-4536
- x86/physmap: Prevent incorrect updates of m2p mappings
CVE-2012-4537
- xen/mm/shadow: check toplevel pagetables are present before unhooking
them
CVE-2012-4538
- compat/gnttab: Prevent infinite loop in compat code
CVE-2012-4539
- libxc: builder: limit maximum size of kernel/ramdisk
CVE-2012-4544
- gnttab: fix releasing of memory upon switches between versions
CVE-2012-5510
- hvm: Limit the size of large HVM op batches
CVE-2012-5511
- x86/HVM: range check xen_hvm_set_mem_access.hvmmem_access before use
CVE-2012-5512
- xen: add missing guest address range checks to XENMEM_exchange handlers
CVE-2012-5513
- xen: fix error handling of guest_physmap_mark_populate_on_demand()
CVE-2012-5514
- memop: limit guest specified extent order
CVE-2012-5515
-- Stefan Bader <email address hidden> Wed, 05 Dec 2012 16:40:48 +0100
-
xen (4.1.3-3ubuntu1) quantal; urgency=low
* Merge from Debian unstable. Remaining changes:
- libxenstore3.0: Conflict and replaces libxen3.
- libxen-dev: Conflict and replaces libxen3-dev.
- xenstore-utils: Conflict and replaces libxen3.
- xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
and xen-utils-4.1.
- Change depend back to ipxe as we do not have ipxe-qemu.
- etherboot: Change the config back to include the 8086100e.rom
- Dropped:
- Make sure the LDFLAGS value passed is suitable for use by ld
rather than gcc. Right now there seem to be no LDFLAGS passed.
* Backported AMD specific improvements from upstream Xen (LP: #1009098):
- svm: Do not intercept RDTSC(P) when TSC scaling is supported by hardware
- x86: Use deep C states for off-lined CPUs
- x86/AMD: Add support for AMD's OSVW feature in guests.
- hvm: vpmu: Enable HVM VPMU for AMD Family 12h and 14h processors
-- Stefan Bader <email address hidden> Thu, 27 Sep 2012 21:27:44 +0200
-
xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-4ubuntu1) quantal; urgency=low
[ Ubuntu Merge-o-Matic ]
* Merge from Debian unstable. Remaining changes:
- Thanks to Stefan Bader.
- libxenstore3.0: Conflict and replaces libxen3.
- libxen-dev: Conflict and replaces libxen3-dev.
- xenstore-utils: Conflict and replaces libxen3.
- xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
and xen-utils-4.1.
- Change depend back to ipxe as we do not have ipxe-qemu.
- etherboot: Change the config back to include the 8086100e.rom
- Dropped:
- Make sure the LDFLAGS value passed is suitable for use by ld
rather than gcc. Right now there seem to be no LDFLAGS passed.
xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-4) unstable; urgency=low
* Add Build-Using info to xen-utils package.
* Fix build-arch target.
xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-3) unstable; urgency=low
* Remove /usr/lib/xen-default. It breaks systems if xenstored is not
compatible.
* Fix init script usage.
* Fix udev rules for emulated network devices:
- Force names of emulated network devices to a predictable name.
xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-2) unstable; urgency=low
* Fix pointer missmatch in interrupt functions. Fixes build on i386.
xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-1) unstable; urgency=low
* New upstream snapshot.
- Fix privilege escalation and syscall/sysenter DoS while using
non-canonical addresses by untrusted PV guests. (closes: #677221)
CVE-2012-0217
CVE-2012-0218
- Disable Xen on CPUs affected by AMD Erratum #121. PV guests can
cause a DoS of the host.
CVE-2012-2934
* Don't fail if standard toolstacks are not available. (closes: #677244)
xen (4.1.2-7) unstable; urgency=low
* Really use ucf.
* Update init script dependencies:
- Start $syslog before xen.
- Start drbd and iscsi before xendomains. (closes: #626356)
- Start corosync and heartbeat after xendomains.
* Remove /var/log/xen on purge. (closes: #656216)
xen (4.1.2-6) unstable; urgency=low
* Fix generation of architectures for hypervisor packages.
* Remove information about loop devices, it is incorrect. (closes: #503044)
* Update xendomains init script:
- Create directory for domain images only root readable. (closes: #596048)
- Add missing sanity checks for variables. (closes: #671750)
- Remove not longer supported config options.
- Don't fail if no config is available.
- Remove extra output if domain was restored.
xen (4.1.2-5) unstable; urgency=low
* Actually force init script rename. (closes: #669341)
* Fix long output from xl.
* Move complete init script setup.
* Rewrite xendomains init script:
- Use LSB output functions.
- Make output more clear.
- Use xen toolstack wrapper.
- Use a python script to properly read domain details.
* Set name for Domain-0.
xen (4.1.2-4) unstable; urgency=low
[ Bastian Blank ]
* Build-depend on ipxe-qemu instead of ipxe. (closes: #665070)
* Don't longer use a4wide latex package.
* Use ucf for /etc/default/xen.
* Remove handling for old udev rules link and xenstored directory.
* Rename xend init script to xen.
[ Lionel Elie Mamane ]
* Fix toolstack script to work with old dash. (closes: #648029)
xen (4.1.2-3) unstable; urgency=low
* Merge xen-common source package.
* Remove xend wrapper, it should not be called by users.
* Support xl in init script.
* Restart xen daemons on upgrade.
* Restart and stop xenconsoled in init script.
* Load xen-gntdev module.
* Create /var/lib/xen. (closes: #658101)
* Cleanup udev rules. (closes: #657745)
-- Chuck Short <email address hidden> Tue, 03 Jul 2012 08:43:03 -0400
-
xen (4.1.2-2ubuntu2) precise; urgency=low
* etherboot: Change the config back to include the 8086100e.rom
(LP: #948333)
-- Stefan Bader <email address hidden> Tue, 06 Mar 2012 20:58:14 +0100