Sun, 23 Feb 2020 21:18:15 UTC

Information for build xen-4.11.3-3.fc30

ID1429274
Package Namexen
Version4.11.3
Release3.fc30
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/xen.git#1b63e4a37b061dee243c933ac44237942deb4cae
SummaryXen is a virtual machine monitor
DescriptionThis package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
Built bymyoung
State complete
Volume DEFAULT
StartedTue, 14 Jan 2020 22:23:07 UTC
CompletedTue, 14 Jan 2020 22:32:06 UTC
Taskbuild (f30-candidate, /rpms/xen.git:1b63e4a37b061dee243c933ac44237942deb4cae)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/xen.git#1b63e4a37b061dee243c933ac44237942deb4cae'}}
Tags
f30-updates
RPMs
src
xen-4.11.3-3.fc30.src.rpm (info) (download)
aarch64
xen-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-devel-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-hypervisor-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-libs-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-licenses-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-ocaml-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-ocaml-devel-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-runtime-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-debuginfo-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-debugsource-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-libs-debuginfo-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-ocaml-debuginfo-4.11.3-3.fc30.aarch64.rpm (info) (download)
xen-runtime-debuginfo-4.11.3-3.fc30.aarch64.rpm (info) (download)
armv7hl
xen-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-devel-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-hypervisor-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-libs-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-licenses-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-ocaml-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-ocaml-devel-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-runtime-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-debuginfo-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-debugsource-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-libs-debuginfo-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-ocaml-debuginfo-4.11.3-3.fc30.armv7hl.rpm (info) (download)
xen-runtime-debuginfo-4.11.3-3.fc30.armv7hl.rpm (info) (download)
i686
xen-4.11.3-3.fc30.i686.rpm (info) (download)
xen-devel-4.11.3-3.fc30.i686.rpm (info) (download)
xen-hypervisor-4.11.3-3.fc30.i686.rpm (info) (download)
xen-libs-4.11.3-3.fc30.i686.rpm (info) (download)
xen-licenses-4.11.3-3.fc30.i686.rpm (info) (download)
xen-ocaml-4.11.3-3.fc30.i686.rpm (info) (download)
xen-ocaml-devel-4.11.3-3.fc30.i686.rpm (info) (download)
xen-runtime-4.11.3-3.fc30.i686.rpm (info) (download)
xen-debuginfo-4.11.3-3.fc30.i686.rpm (info) (download)
xen-debugsource-4.11.3-3.fc30.i686.rpm (info) (download)
xen-libs-debuginfo-4.11.3-3.fc30.i686.rpm (info) (download)
xen-ocaml-debuginfo-4.11.3-3.fc30.i686.rpm (info) (download)
xen-runtime-debuginfo-4.11.3-3.fc30.i686.rpm (info) (download)
noarch
xen-doc-4.11.3-3.fc30.noarch.rpm (info) (download)
x86_64
xen-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-devel-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-hypervisor-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-libs-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-licenses-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-ocaml-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-ocaml-devel-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-runtime-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-debuginfo-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-debugsource-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-libs-debuginfo-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-ocaml-debuginfo-4.11.3-3.fc30.x86_64.rpm (info) (download)
xen-runtime-debuginfo-4.11.3-3.fc30.x86_64.rpm (info) (download)
Logs
armv7hl
state.log
root.log
build.log
hw_info.log
mock_output.log
noarch_rpmdiff.json
x86_64
build.log
hw_info.log
state.log
root.log
mock_output.log
noarch_rpmdiff.json
i686
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
aarch64
root.log
state.log
hw_info.log
build.log
mock_output.log
noarch_rpmdiff.json
Changelog * Tue Jan 14 2020 Michael Young <m.a.young@durham.ac.uk> - 4.11.3-3 - arm: a CPU may speculate past the ERET instruction [XSA-312] * Thu Dec 12 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.3-2 - denial of service in find_next_bit() [XSA-307, CVE-2019-19581, CVE-2019-19582] (#1782211) - denial of service in HVM/PVH guest userspace code [XSA-308, CVE-2019-19583] (#1782206) - privilege escalation due to malicious PV guest [XSA-309, CVE-2019-19578] (#1782210) - Further issues with restartable PV type change operations [XSA-310, CVE-2019-19580] (#1782207) - vulnerability in dynamic height handling for AMD IOMMU pagetables [XSA-311, CVE-2019-19577] (#1782208) * Tue Dec 03 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.3-1 - update to 4.11.3 remove patches now fixed upstream adjust xen.use.fedora.ipxe.patch * Tue Nov 26 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.2-4 - Device quarantine for alternate pci assignment methods [XSA-306, CVE-2019-19579] (#1780559) * Tue Nov 12 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.2-3 - add missing XSA-299 patches - x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] - TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135] * Fri Nov 01 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.2-2 - VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (#1771368) - missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] (#1771341) - Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (#1767726) - add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] (#1771345) - passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (#1767731) - ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422] (#1771443) * Mon Jul 01 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.2-1 - update to 4.11.2 remove patches now fixed upstream adjust xen.use.fedora.ipxe.patch drop parts of xen.gcc9.fixes.patch * Sat Jun 15 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-6 - Unlimited Arm Atomics Operations [XSA-295, CVE-2019-17349, CVE-2019-17350] (#1720760) * Tue May 14 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-5 - Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091] - additional patches so above applies cleanly - work around grub2 issues in dom0 * Tue Mar 05 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-4 - xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284, CVE-2019-17340] race with pass-through device hotplug [XSA-285, CVE-2019-17341] x86: steal_page violates page_struct access discipline [XSA-287, CVE-2019-17342] x86: Inconsistent PV IOMMU discipline [XSA-288, CVE-2019-17343] missing preemption in x86 PV page table unvalidation [XSA-290, CVE-2019-17344] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291, CVE-2019-17345] x86: insufficient TLB flushing when using PCID [XSA-292, CVE-2019-17346] x86: PV kernel context switch corruption [XSA-293, CVE-2019-17347] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294, CVE-2019-17348] * Thu Feb 14 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-3 - add gcc9 build fixes (#1676229) * Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Dec 11 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-1 - update to 4.11.1 remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch - only include qemutrad build requirements for platforms that use it - construct ovmf.bin from edk2-ovmf package (#1656651) * Tue Nov 20 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-10 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665) - x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970) - xen: various flaws (#1652251) resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963] x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964] Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966] * Tue Nov 06 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-9 - guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967] * Wed Oct 24 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-8 - x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883] (#1643118) * Tue Sep 18 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-7 - set /usr/bin/python2 at the start of another python script * Tue Sep 18 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-6 - move pkgconfig files to xen-devel (#1629643) * Wed Sep 12 2018 Michael Young <m.a.young@durham.ac.uk> - set /usr/bin/python2 at the start of some python scripts * Thu Aug 23 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-5 - move creation of /usr/lib/xen symlink to posttrans to avoid rpm conflict * Fri Aug 17 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-4 - move files from /usr/lib/xen to /usr/libexec/xen - create symlink at /usr/lib/xen for compatibility * Tue Aug 14 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-3 - replace use of deprecated vwprintw * Tue Aug 14 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-2 - no longer need to set python_sitearch - L1 Terminal Fault speculative side channel patch bundle [XSA-273, CVE-2018-3620, CVE-2018-3646] also includes Use of v2 grant tables may cause crash on ARM [XSA-268, CVE-2018-15469] (#1616081) x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS [XSA-269, CVE-2018-15468] (#1616077) oxenstored does not apply quota-maxentity [XSA-272, CVE-2018-15470] (#1616080) * Thu Jul 12 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-1 - update to 4.11.0 (#1592976) remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch drop parts of xen.fedora.efi.build.patch & xen.gcc8.temp.fix.patch - replace use of deprecated brctl command (#1588712) - add gcc BuildRequires - adjustments now /usr/bin/python is in a separate package - update hypervisor configuration for arm - put back some gcc fixes needed for arm and i686 - work around a build issue with perl - i686 now want to build EFI hypervisor (actually x86_64) so let it * Wed Jun 27 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-5 - preemption checks bypassed in x86 PV MM handling [XSA-264, CVE-2018-12891] (#1595959) - x86: #DB exception safety check can be triggered by a guest [XSA-265, CVE-2018-12893] (#1595958) - libxl fails to honour readonly flag on HVM emulated SCSI disks [XSA-266, CVE-2018-12892] (#1595957) * Fri Jun 15 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-4 - Speculative register leakage from lazy FPU context switching [XSA-267, CVE-2018-3665] - fix for change in iasl output * Tue May 22 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-3 - Speculative Store Bypass [XSA-263, CVE-2018-3639] (with extra patches so it applies cleanly) * Tue May 08 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-2 - x86: mishandling of debug exceptions [XSA-260, CVE-2018-8897] - x86 vHPET interrupt injection errors [XSA-261, CVE-2018-10982] (#1576089) - qemu may drive Xen into unbounded loop [XSA-262, CVE-2018-10981] (#1576680) * Thu May 03 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.1-1 - update to xen-4.10.1 adjust xen.use.fedora.ipxe.patch and xen.fedora.efi.build.patch remove patches for issues now fixed upstream package /usr/lib/debug/usr/lib/xen/boot/xen-shim-syms * Wed Apr 25 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-9 - Information leak via crafted user-supplied CDROM [XSA-258, CVE-2018-10472] (#1571867) - x86: PV guest may crash Xen with XPTI [XSA-259, CVE-2018-10471] (#1571878) * Fri Mar 09 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-8 - fix safe-strings patch for OCaml 4.0.6 * Sun Mar 04 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-7 - avoid building parts of xen twice - hypervisor built with -fcf-protection doesn't work on x86_64 * Wed Feb 28 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.0-6 - update patch for XPTI mitigation for XSA-254 - add Branch Target Injection (BTI) mitigation for XSA-254 - DoS via non-preemptable L3/L4 pagetable freeing [XSA-252, CVE-2018-7540] (#1549568) - grant table v2 -> v1 transition may crash Xen [XSA-255, CVE-2018-7541] (#1549570) - x86 PVH guest without LAPIC may DoS the host [XSA-256, CVE-2018-7542] (#1549572) - further build issue fixes with gcc8 (some temporary workarounds) - -mcet and -fcf-protection aren't recognized in hypervisor build x86_64 on i686 either * Fri Feb 23 2018 Michael Young <m.a.young@durham.ac.uk> - fix some build issues with gcc8 * Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.10.0-5 - Escape macros in %changelog * Sun Feb 04 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.10.0-4 - Switch to %ldconfig_scriptlets