Mon, 29 Nov 2021 11:02:05 UTC

Information for build xen-4.14.3-1.fc33

ID1831320
Package Namexen
Version4.14.3
Release1.fc33
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/xen.git#a9eb426b07769f34c58f3ed813eb9d71ac3847bc
SummaryXen is a virtual machine monitor
DescriptionThis package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
Built bymyoung
State complete
Volume DEFAULT
StartedMon, 13 Sep 2021 20:29:40 UTC
CompletedMon, 13 Sep 2021 20:40:44 UTC
Taskbuild (f33-candidate, /rpms/xen.git:a9eb426b07769f34c58f3ed813eb9d71ac3847bc)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/xen.git#a9eb426b07769f34c58f3ed813eb9d71ac3847bc'}}
Tags
f33-updates
RPMs
src
xen-4.14.3-1.fc33.src.rpm (info) (download)
aarch64
xen-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-devel-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-hypervisor-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-libs-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-licenses-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-ocaml-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-ocaml-devel-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-runtime-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-debuginfo-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-debugsource-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-libs-debuginfo-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-ocaml-debuginfo-4.14.3-1.fc33.aarch64.rpm (info) (download)
xen-runtime-debuginfo-4.14.3-1.fc33.aarch64.rpm (info) (download)
armv7hl
xen-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-devel-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-hypervisor-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-libs-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-licenses-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-ocaml-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-ocaml-devel-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-runtime-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-debuginfo-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-debugsource-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-libs-debuginfo-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-ocaml-debuginfo-4.14.3-1.fc33.armv7hl.rpm (info) (download)
xen-runtime-debuginfo-4.14.3-1.fc33.armv7hl.rpm (info) (download)
i686
xen-4.14.3-1.fc33.i686.rpm (info) (download)
xen-devel-4.14.3-1.fc33.i686.rpm (info) (download)
xen-hypervisor-4.14.3-1.fc33.i686.rpm (info) (download)
xen-libs-4.14.3-1.fc33.i686.rpm (info) (download)
xen-licenses-4.14.3-1.fc33.i686.rpm (info) (download)
xen-ocaml-4.14.3-1.fc33.i686.rpm (info) (download)
xen-ocaml-devel-4.14.3-1.fc33.i686.rpm (info) (download)
xen-runtime-4.14.3-1.fc33.i686.rpm (info) (download)
xen-debuginfo-4.14.3-1.fc33.i686.rpm (info) (download)
xen-debugsource-4.14.3-1.fc33.i686.rpm (info) (download)
xen-libs-debuginfo-4.14.3-1.fc33.i686.rpm (info) (download)
xen-ocaml-debuginfo-4.14.3-1.fc33.i686.rpm (info) (download)
xen-runtime-debuginfo-4.14.3-1.fc33.i686.rpm (info) (download)
noarch
xen-doc-4.14.3-1.fc33.noarch.rpm (info) (download)
x86_64
xen-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-devel-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-hypervisor-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-libs-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-licenses-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-ocaml-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-ocaml-devel-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-runtime-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-debuginfo-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-debugsource-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-libs-debuginfo-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-ocaml-debuginfo-4.14.3-1.fc33.x86_64.rpm (info) (download)
xen-runtime-debuginfo-4.14.3-1.fc33.x86_64.rpm (info) (download)
Logs
armv7hl
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
i686
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
x86_64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
aarch64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
Changelog * Mon Sep 13 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.3-1 - update to xen-4.14.3 remove or adjust patches now included or superceded upstream * Wed Sep 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-4 - Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786) - bugfix for XSA-380 - stop editing grub files in /boot/efi/EFI/fedora on Fedora 34 * Sat Aug 28 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-3 - IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537) - grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520) - long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526) - inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523) - xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527) - grub x86_64-efi modules now go into /boot/grub2 * Tue Jun 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-2 - xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542) - inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540) - Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531) - x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546) * Tue May 04 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-1 - update to 4.14.2 remove or adjust patch content now included or superceded upstream - re-copy grub modules if they have changed * Thu Mar 18 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-7 - HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610) * Tue Feb 16 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-5 - Linux: display frontend "be-alloc" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549) - arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547) * Mon Feb 01 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-4 - backport upstream zstd dom0 and guest patches - add libzstd-devel BuildRequires - add weak dependency on grub modules to improve initial boot setup * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 21 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-2 - IRQ vector leak on x86 [XSA-360] * Sun Dec 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-1 - update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches * Tue Dec 15 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 05 2020 Jeff Law <law@redhat.com> - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic * Tue Nov 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-12 - stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-11 - support zstd compressed kernels (dom0 only) based on linux kernel code * Tue Nov 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-10 - Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146) - add make as build requires * Tue Nov 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-9 - revised patch for XSA-286 (mitigating performance impact) * Fri Oct 30 2020 Jeff Law <law@redhat.com> - 4.14.0-8 - Work around gcc-11 stringop-overflow diagnostics as well * Wed Oct 28 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-7 - x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092) - simplify grub scripts (patches from Thierry Vignaud <tvignaud@redhat.com>) - some fixes for gcc 11 * Tue Oct 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-6 - x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097) - undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093) - unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088) * Tue Sep 22 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-5 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619) - Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616) - race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618) - PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587) - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588) - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617) - Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583) - out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582) - races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581) - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586) * Thu Sep 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-4 - rebuild for OCaml 4.11.1 * Mon Aug 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-3 - QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850) * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sun Jul 26 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-1 - update to 4.14.0 remove or adjust patches now included or superceded upstream adjust xen.hypervisor.config bison and flex packages now needed for hypervisor build /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added with associated libraries and man page - re-enable pandoc for more documentation adding xen-vbd-interface.7.gz - revise documentation build dependencies drop tex, texinfo, ghostscript, graphviz, discount add perl(Pod::Html) perl(File::Find) - additional build dependency for ocaml on perl(Data::Dumper) * Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 4.13.1-5 - Use make macros - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro * Tue Jul 07 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-4 - incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465) - inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463) - xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467) - missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458) - non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464) * Tue Jun 30 2020 Jeff Law <law@redhat.com> Disable LTO * Wed Jun 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-3 - Special Register Buffer speculative side channel [XSA-320] * Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 4.13.1-2 - Rebuilt for Python 3.9 * Tue May 19 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-1 - update to 4.13.1 remove patches now included or superceded upstream * Tue May 05 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-8 - build aarch64 hypervisor with -mno-outline-atomics to fix gcc 10 build * Tue Apr 14 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-7 - multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741] (#1823912, #1823914) - Missing memory barriers in read-write unlock paths [XSA-314, CVE-2020-11739] (#1823784) - Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926) - Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (#1823943) * Tue Mar 17 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-6 - fix issues in pygrub dependency found by python 3.8 * Tue Mar 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-5 - setting for --with-system-ipxe should be a rom file (#1778516) - add weak depends on ipxe-roms-qemu and qemu-system-x86-core * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.13.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Jan 22 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-3 - build fixes for OCaml 4.10.0 and gcc 10 * Tue Jan 14 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-2 - arm: a CPU may speculate past the ERET instruction [XSA-312] - use more explicit library names - add weak requires for perl (/etc/xen/scripts/locking.sh) * Wed Dec 18 2019 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-1 - update to 4.13.0 remove patches now included or superceded upstream adjust xen.hypervisor.config /usr/sbin/xen-tmem-list-parse has been removed pkgconfig files have moved to %{_libdir}/pkgconfig /usr/sbin/xen-ucode has been added (x86 only) * Sun Dec 15 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-9 - fix build with OCaml 4.09.0 * Wed Dec 11 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-8 - denial of service in find_next_bit() [XSA-307, CVE-2019-19581, CVE-2019-19582] (#1782211) - denial of service in HVM/PVH guest userspace code [XSA-308, CVE-2019-19583] (#1782206) - privilege escalation due to malicious PV guest [XSA-309, CVE-2019-19578] (#1782210) - Further issues with restartable PV type change operations [XSA-310, CVE-2019-19580] (#1782207) - vulnerability in dynamic height handling for AMD IOMMU pagetables [XSA-311, CVE-2019-19577] (#1782208) - add patches needed to apply XSA-311 * Tue Nov 26 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-7 - Device quarantine for alternate pci assignment methods [XSA-306, CVE-2019-19579] (#1780559) * Tue Nov 12 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-6 - add missing XSA-299 patches * Tue Nov 12 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-5 - x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] - TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135] * Thu Oct 31 2019 Michael Young <m.a.young@durham.ac.uk> - 4.12.1-4 - VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (#1771368) - missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] (#1771341) - Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (#1767726) - add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] (#1771345) - passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (#1767731) - ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422] (#1771443) * Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 4.12.1-3 - Rebuilt for Python 3.8.0rc1 (#1748018)