xen-4.11.1-4.fc29 | Build Info

Information for build xen-4.11.1-4.fc29

1222499

Package Name

xen

Version

4.11.1

Release

4.fc29

Epoch

Source

git+https://src.fedoraproject.org/rpms/xen.git#593eb17437b7e113b7e4e4f4cb72edf61002957e

Summary

Xen is a virtual machine monitor

Description

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

Built by

myoung

State

complete

Volume

fedora_koji_archive04

Started

Tue, 05 Mar 2019 22:24:32 UTC

Completed

Tue, 05 Mar 2019 22:39:06 UTC

Task

build (f29-candidate, /rpms/xen.git:593eb17437b7e113b7e4e4f4cb72edf61002957e)

Extra

{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/xen.git#593eb17437b7e113b7e4e4f4cb72edf61002957e'}}

Tags

f29-updates

RPMs

src
	xen-4.11.1-4.fc29.src.rpm (info) (download)
aarch64
	xen-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-devel-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-hypervisor-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-libs-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-licenses-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-ocaml-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-ocaml-devel-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-runtime-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-debuginfo-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-debugsource-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-libs-debuginfo-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-ocaml-debuginfo-4.11.1-4.fc29.aarch64.rpm (info) (download)
	xen-runtime-debuginfo-4.11.1-4.fc29.aarch64.rpm (info) (download)
armv7hl
	xen-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-devel-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-hypervisor-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-libs-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-licenses-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-ocaml-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-ocaml-devel-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-runtime-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-debuginfo-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-debugsource-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-libs-debuginfo-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-ocaml-debuginfo-4.11.1-4.fc29.armv7hl.rpm (info) (download)
	xen-runtime-debuginfo-4.11.1-4.fc29.armv7hl.rpm (info) (download)
i686
	xen-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-devel-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-hypervisor-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-libs-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-licenses-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-ocaml-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-ocaml-devel-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-runtime-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-debuginfo-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-debugsource-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-libs-debuginfo-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-ocaml-debuginfo-4.11.1-4.fc29.i686.rpm (info) (download)
	xen-runtime-debuginfo-4.11.1-4.fc29.i686.rpm (info) (download)
noarch
	xen-doc-4.11.1-4.fc29.noarch.rpm (info) (download)
x86_64
	xen-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-devel-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-hypervisor-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-libs-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-licenses-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-ocaml-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-ocaml-devel-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-runtime-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-debuginfo-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-debugsource-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-libs-debuginfo-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-ocaml-debuginfo-4.11.1-4.fc29.x86_64.rpm (info) (download)
	xen-runtime-debuginfo-4.11.1-4.fc29.x86_64.rpm (info) (download)

Logs

armv7hl
	state.log
	hw_info.log
	root.log
	build.log
	mock_output.log
	noarch_rpmdiff.json
x86_64
	root.log
	build.log
	hw_info.log
	state.log
	mock_output.log
	noarch_rpmdiff.json
i686
	build.log
	hw_info.log
	state.log
	root.log
	mock_output.log
	noarch_rpmdiff.json
aarch64
	hw_info.log
	state.log
	root.log
	build.log
	mock_output.log
	noarch_rpmdiff.json

Changelog

* Tue Mar 05 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-4 - xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294] * Thu Feb 14 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-3 - add gcc9 build fixes (#1676229) * Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Dec 11 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-1 - update to 4.11.1 remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch - only include qemutrad build requirements for platforms that use it - construct ovmf.bin from edk2-ovmf package (#1656651) * Tue Nov 20 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-10 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665) - x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970) - xen: various flaws (#1652251) resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963] x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964] Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966] * Tue Nov 06 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-9 - guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967] * Wed Oct 24 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-8 - x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883] (#1643118) * Tue Sep 18 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-7 - set /usr/bin/python2 at the start of another python script * Tue Sep 18 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-6 - move pkgconfig files to xen-devel (#1629643) * Wed Sep 12 2018 Michael Young <m.a.young@durham.ac.uk> - set /usr/bin/python2 at the start of some python scripts * Thu Aug 23 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-5 - move creation of /usr/lib/xen symlink to posttrans to avoid rpm conflict * Fri Aug 17 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-4 - move files from /usr/lib/xen to /usr/libexec/xen - create symlink at /usr/lib/xen for compatibility * Tue Aug 14 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-3 - replace use of deprecated vwprintw * Tue Aug 14 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-2 - no longer need to set python_sitearch - L1 Terminal Fault speculative side channel patch bundle [XSA-273, CVE-2018-3620, CVE-2018-3646] also includes Use of v2 grant tables may cause crash on ARM [XSA-268, CVE-2018-15469] (#1616081) x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS [XSA-269, CVE-2018-15468] (#1616077) oxenstored does not apply quota-maxentity [XSA-272, CVE-2018-15470] (#1616080) * Thu Jul 12 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-1 - update to 4.11.0 (#1592976) remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch drop parts of xen.fedora.efi.build.patch & xen.gcc8.temp.fix.patch - replace use of deprecated brctl command (#1588712) - add gcc BuildRequires - adjustments now /usr/bin/python is in a separate package - update hypervisor configuration for arm - put back some gcc fixes needed for arm and i686 - work around a build issue with perl - i686 now want to build EFI hypervisor (actually x86_64) so let it * Wed Jun 27 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-5 - preemption checks bypassed in x86 PV MM handling [XSA-264, CVE-2018-12891] (#1595959) - x86: #DB exception safety check can be triggered by a guest [XSA-265, CVE-2018-12893] (#1595958) - libxl fails to honour readonly flag on HVM emulated SCSI disks [XSA-266, CVE-2018-12892] (#1595957) * Fri Jun 15 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-4 - Speculative register leakage from lazy FPU context switching [XSA-267, CVE-2018-3665] - fix for change in iasl output * Tue May 22 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-3 - Speculative Store Bypass [XSA-263, CVE-2018-3639] (with extra patches so it applies cleanly) * Tue May 08 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-2 - x86: mishandling of debug exceptions [XSA-260, CVE-2018-8897] - x86 vHPET interrupt injection errors [XSA-261, CVE-2018-10982] (#1576089) - qemu may drive Xen into unbounded loop [XSA-262, CVE-2018-10981] (#1576680) * Thu May 03 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-1 - update to xen-4.10.1 adjust xen.use.fedora.ipxe.patch and xen.fedora.efi.build.patch remove patches for issues now fixed upstream package /usr/lib/debug/usr/lib/xen/boot/xen-shim-syms * Wed Apr 25 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-9 - Information leak via crafted user-supplied CDROM [XSA-258, CVE-2018-10472] (#1571867) - x86: PV guest may crash Xen with XPTI [XSA-259, CVE-2018-10471] (#1571878) * Fri Mar 09 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-8 - fix safe-strings patch for OCaml 4.0.6 * Sun Mar 04 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-7 - avoid building parts of xen twice - hypervisor built with -fcf-protection doesn't work on x86_64 * Wed Feb 28 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-6 - update patch for XPTI mitigation for XSA-254 - add Branch Target Injection (BTI) mitigation for XSA-254 - DoS via non-preemptable L3/L4 pagetable freeing [XSA-252, CVE-2018-7540] (#1549568) - grant table v2 -> v1 transition may crash Xen [XSA-255, CVE-2018-7541] (#1549570) - x86 PVH guest without LAPIC may DoS the host [XSA-256, CVE-2018-7542] (#1549572) - further build issue fixes with gcc8 (some temporary workarounds) - -mcet and -fcf-protection aren't recognized in hypervisor build x86_64 on i686 either * Fri Feb 23 2018 Michael Young <m.a.young@durham.ac.uk> - fix some build issues with gcc8 * Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.10.0-5 - Escape macros in %changelog * Sun Feb 04 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.10.0-4 - Switch to %ldconfig_scriptlets * Sun Jan 14 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-3 - fix typo in annobin build fix - add 4.10.0-shim-comet-3 shim mitigation for [XSA-254, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754] + build fixes XSA-253 patch included in comet patches CONFIG_XEN_GUEST line needed xen.hypervisor.config for comet delay and adjust xen.use.fedora.ipxe.patch and xen.fedora.efi.build.patch package /usr/lib/xen/boot/xen-shim - add Xen page-table isolation (XPTI) mitigation for XSA-254 - -fstack-clash-protection isn't recognized in hypervisor build x86_64 on i686 - __python macro is no longer set, replace by /usr/bin/python2 * Thu Jan 04 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-2 - x86: memory leak with MSR emulation [XSA-253, CVE-2018-5244] (#1531110) * Mon Dec 18 2017 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-1 - renumber patches - fix build with OCaml 4.0.6 (#1526703) - disable annobin for x86_64 hypervisor to allow it to build * Mon Dec 18 2017 Michael Young <m.a.young@durham.ac.uk> - allow building without hypervisor, docs, qemu-xen-traditional or stubdoms - fix build without ocaml * Mon Dec 18 2017 Michael Young <m.a.young@durham.ac.uk> - update to 4.10.0 adjust xen.use.fedora.ipxe.patch update xen.hypervisor.config remove patches for issues now fixed upstream tapdisk* qcow-create qcow2raw img2qcow utilities have been dropped lock-util tap-ctl td-util vhd-* utilities have been dropped package xen-diag and extra manual pages - iasl BuildRequires is now in acpica-tools * Tue Dec 12 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.1-4 - another patch related to the [XSA-240, CVE-2017-15595] issue - xen: various flaws (#1525018) x86 PV guests may gain access to internally used page [XSA-248, CVE-2017-17566] broken x86 shadow mode refcount overflow check [XSA-249, CVE-2017-17563] improper x86 shadow mode refcount error handling [XSA-250, CVE-2017-17564] improper bug check in x86 log-dirty handling [XSA-251, CVE-2017-17565] * Sat Dec 02 2017 Richard W.M. Jones <rjones@redhat.com> - 4.9.1-3 - OCaml 4.06.0 rebuild. * Tue Nov 28 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.1-2 - xen: various flaws (#1518214) x86: infinite loop due to missing PoD error checking [XSA-246, CVE-2017-17044] Missing p2m error checking in PoD code [XSA-247, CVE-2017-17045] * Thu Nov 23 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.1-1 - update to 4.9.1 (#1515818) adjust xen.use.fedora.ipxe.patch and qemu.git-fec5e8c92becad223df9d972770522f64aafdb72.patch remove patches for issues now fixed upstream and parts of xen.gcc7.fix.patch update xen.hypervisor.config - update Source0 location * Wed Nov 15 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-14 - fix an issue in patch for [XSA-240, CVE-2017-15595] that might be a security issue - fix for [XSA-243, CVE-2017-15592] could cause hypervisor crash (DOS) * Thu Oct 26 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-13 - pin count / page reference race in grant table code [XSA-236, CVE-2017-15597] (#1506693) * Thu Oct 12 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-12 - xen: various flaws (#1501391) multiple MSI mapping issues on x86 [XSA-237, CVE-2017-15590] DMOP map/unmap missing argument checks [XSA-238, CVE-2017-15591] hypervisor stack leak in x86 I/O intercept code [XSA-239, CVE-2017-15589] Unlimited recursion in linear pagetable de-typing [XSA-240, CVE-2017-15595] Stale TLB entry due to page type release race [XSA-241, CVE-2017-15588] page type reference leak on x86 [XSA-242, CVE-2017-15593] x86: Incorrect handling of self-linear shadow mappings with translated guests [XSA-243, CVE-2017-15592] x86: Incorrect handling of IST settings during CPU hotplug [XSA-244, CVE-2017-15594] * Sun Oct 01 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-11 - ARM: Some memory not scrubbed at boot [XSA-245, CVE-2017-17046] (#1499843) - Qemu: vga: reachable assert failure during during display update [CVE-2017-13673] (#1486591) - Qemu: vga: OOB read access during display update [CVE-2017-13672] (#1486562) * Tue Sep 12 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-10 - xen: various flaws (#1490884) Missing NUMA node parameter verification [XSA-231, CVE-2017-14316] Missing check for grant table [XSA-232, CVE-2017-14318] cxenstored: Race in domain cleanup [XSA-233, CVE-2017-14317] insufficient grant unmapping checks for x86 PV guests [XSA-234, CVE-2017-14319] * Tue Aug 29 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-9 - Qemu: usb: ohci: infinite loop due to incorrect return value [CVE-2017-9330] (#1457698) - Qemu: nbd: segmentation fault due to client non-negotiation [CVE-2017-9524] (#1460173) - Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort [CVE-2017-10664] (#1466466) - Qemu: exec: oob access during dma operation [CVE-2017-11334] (#1471640) - revised full fix for XSA-226 (regressed 32-bit Dom0 or backend domains) * Wed Aug 23 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-8 - full fix for XSA-226, replacing workaround - drop conflict of xendomain and libvirtd as can cause problems (#1398590) - add-to-physmap error paths fail to release lock on ARM [XSA-235] (#1484476) - Qemu: audio: host memory leakage via capture buffer [CVE-2017-8309] (#1446521) - Qemu: input: host memory leakage via keyboard events [CVE-2017-8379] (#1446561) * Tue Aug 15 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-7 - xen: various flaws (#1481765) multiple problems with transitive grants [XSA-226, CVE-2017-12135] x86: PV privilege escalation via map_grant_ref [XSA-227, CVE-2017-12137] grant_table: Race conditions with maptrack free list handling [XSA-228, CVE-2017-12136] grant_table: possibly premature clearing of GTF_writing / GTF_reading [XSA-230, CVE-2017-12855] * Sat Aug 12 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-6 - files in /usr/lib/debug are not just in efi builds * Sat Aug 12 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-5 - rebuild for ocaml * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.9.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Mon Jul 31 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-3 - Qemu: serial: host memory leakage 16550A UART emulation [CVE-2017-5579] (#1416162) - Qemu: display: cirrus: OOB read access issue [CVE-2017-7718] (#1443444) - package some files now in /usr/lib/debug * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.9.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Jul 14 2017 Michael Young <m.a.young@durham.ac.uk> - 4.9.0-1 - update to 4.9.0 (#1465707) adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch and xen.canonicalize.patch remove patches for issues now fixed upstream and parts of xen.gcc7.fix.patch package new manual pages - make python dependencies explicitly version 2 - switch xen-doc subpackage to noarch - require perl-interpreter instead of perl for packaging policy change * Tue Jun 27 2017 Richard W.M. Jones <rjones@redhat.com> - 4.8.1-5 - Rebuild for OCaml 4.04.2. * Tue Jun 20 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.1-4 - xen: various flaws (#1463247) blkif responses leak backend stack data [XSA-216] page transfer may allow PV guest to elevate privilege [XSA-217] Races in the grant table unmap code [XSA-218] x86: insufficient reference counts during shadow emulation [XSA-219] x86: PKRU and BND* leakage between vCPU-s [XSA-220] NULL pointer deref in event channel poll [XSA-221] (#1463231) stale P2M mappings due to insufficient error checking [XSA-222] ARM guest disabling interrupt may crash Xen [XSA-223] grant table operations mishandle reference counts [XSA-224] arm: vgic: Out-of-bound access when sending SGIs [XSA-225] * Mon May 15 2017 Richard W.M. Jones <rjones@redhat.com> - 4.8.1-3 - Rebuild for OCaml 4.04.1. * Wed May 03 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.1-2 - xen: various flaws (#1447345) x86: 64bit PV guest breakout via pagetable use-after-mode-change [XSA-213] grant transfer allows PV guest to elevate privileges [XSA-214] * Mon Apr 10 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.1-1 - update to xen-4.8.1 adjust xen.use.fedora.ipxe.patch, qemu.trad.bug1399055.patch and qemu.git-4299b90e9ba9ce5ca9024572804ba751aa1a7e70.patch remove upstream patches renumber patches * Wed Apr 05 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.0-13 - gcc7 build fix for arm * Tue Apr 04 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.0-12 - gcc7 build fix for i686 - proposed upstream fix for [XSA-206] build issue - Qemu: 9pfs: host memory leakage via v9fs_create [CVE-2017-7377] (#1437873) - x86: broken check in memory_exchange() permits PV guest breakout [XSA-212, CVE-2017-7228] (#1438804) * Wed Mar 29 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.0-11 - add additional patch for [XSA-206] (#1436690) - gcc7 build fix for [XSA-206] * Tue Mar 28 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.0-10 - xenstore denial of service via repeated update [XSA-206] (#1436690) * Thu Mar 16 2017 Michael Young <m.a.young@durham.ac.uk> - 4.8.0-9 - Cirrus VGA Heap overflow via display refresh [XSA-211, CVE-2016-9603] (#1432041) - Qemu: usb: an infinite loop issue in ohci_service_ed_list [CVE-2017-6505] (#1429433)