Fri, 07 Oct 2022 22:43:00 UTC

Information for build xen-4.14.5-1.fc34

ID1950840
Package Namexen
Version4.14.5
Release1.fc34
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/xen.git#692f3fc6f736e816b7d43421b42745335fad1fa3
SummaryXen is a virtual machine monitor
DescriptionThis package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
Built bymyoung
State complete
Volume DEFAULT
StartedFri, 15 Apr 2022 19:19:44 UTC
CompletedFri, 15 Apr 2022 19:30:34 UTC
Taskbuild (f34-candidate, /rpms/xen.git:692f3fc6f736e816b7d43421b42745335fad1fa3)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/xen.git#692f3fc6f736e816b7d43421b42745335fad1fa3'}}
Tags
f34-cr-eln
f34-updates
RPMs
src
xen-4.14.5-1.fc34.src.rpm (info) (download)
aarch64
xen-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-devel-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-hypervisor-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-libs-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-licenses-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-ocaml-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-ocaml-devel-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-runtime-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-debuginfo-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-debugsource-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-libs-debuginfo-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-ocaml-debuginfo-4.14.5-1.fc34.aarch64.rpm (info) (download)
xen-runtime-debuginfo-4.14.5-1.fc34.aarch64.rpm (info) (download)
armv7hl
xen-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-devel-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-hypervisor-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-libs-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-licenses-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-ocaml-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-ocaml-devel-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-runtime-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-debuginfo-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-debugsource-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-libs-debuginfo-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-ocaml-debuginfo-4.14.5-1.fc34.armv7hl.rpm (info) (download)
xen-runtime-debuginfo-4.14.5-1.fc34.armv7hl.rpm (info) (download)
i686
xen-4.14.5-1.fc34.i686.rpm (info) (download)
xen-devel-4.14.5-1.fc34.i686.rpm (info) (download)
xen-hypervisor-4.14.5-1.fc34.i686.rpm (info) (download)
xen-libs-4.14.5-1.fc34.i686.rpm (info) (download)
xen-licenses-4.14.5-1.fc34.i686.rpm (info) (download)
xen-ocaml-4.14.5-1.fc34.i686.rpm (info) (download)
xen-ocaml-devel-4.14.5-1.fc34.i686.rpm (info) (download)
xen-runtime-4.14.5-1.fc34.i686.rpm (info) (download)
xen-debuginfo-4.14.5-1.fc34.i686.rpm (info) (download)
xen-debugsource-4.14.5-1.fc34.i686.rpm (info) (download)
xen-libs-debuginfo-4.14.5-1.fc34.i686.rpm (info) (download)
xen-ocaml-debuginfo-4.14.5-1.fc34.i686.rpm (info) (download)
xen-runtime-debuginfo-4.14.5-1.fc34.i686.rpm (info) (download)
noarch
xen-doc-4.14.5-1.fc34.noarch.rpm (info) (download)
x86_64
xen-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-devel-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-hypervisor-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-libs-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-licenses-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-ocaml-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-ocaml-devel-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-runtime-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-debuginfo-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-debugsource-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-libs-debuginfo-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-ocaml-debuginfo-4.14.5-1.fc34.x86_64.rpm (info) (download)
xen-runtime-debuginfo-4.14.5-1.fc34.x86_64.rpm (info) (download)
Logs
armv7hl
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
i686
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
x86_64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
aarch64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
Changelog * Fri Apr 15 2022 Michael Young <m.a.young@durham.ac.uk> - 4.14.5-1 - update to xen-4.14.5 remove or adjust patches now included or superceded upstream * Wed Apr 06 2022 Michael Young <m.a.young@durham.ac.uk> - 4.14.4-3 - Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357] - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361] * Sat Mar 12 2022 Michael Young <m.a.young@durham.ac.uk> - 4.14.4-2 - Multiple speculative security issues [XSA-398] - additional patches so above applies cleanly * Thu Feb 03 2022 Michael Young <m.a.young@durham.ac.uk> - 4.14.4-1 - update to xen-4.14.4 remove or adjust patches now included or superceded upstream * Tue Jan 25 2022 Michael Young <m.a.young@durham.ac.uk> - 4.14.3-4 - frontends vulnerable to backends [XSA-376] (document change only) - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393, CVE-2022-23033] (#2045044) - A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034] (#2045042) - Insufficient cleanup of passed-through device IRQs [XSA-395, CVE-2022-23035] (#2045040) * Tue Nov 23 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.3-3 - guests may exceed their designated memory limit [XSA-385, CVE-2021-28706] - PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707 CVE-2021-28708] - issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709] * Wed Oct 06 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.3-2 - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) * Mon Sep 13 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.3-1 - update to xen-4.14.3 remove or adjust patches now included or superceded upstream * Wed Sep 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-4 - Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786) - bugfix for XSA-380 - stop editing grub files in /boot/efi/EFI/fedora on Fedora 34 * Sat Aug 28 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-3 - IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537) - grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520) - long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526) - inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523) - xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527) - grub x86_64-efi modules now go into /boot/grub2 * Tue Jun 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-2 - xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542) - inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540) - Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531) - x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546) * Tue May 04 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.2-1 - update to 4.14.2 remove or adjust patch content now included or superceded upstream - re-copy grub modules if they have changed * Thu Mar 18 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-7 - HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610) * Tue Feb 16 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-5 - Linux: display frontend "be-alloc" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549) - arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547) * Mon Feb 01 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-4 - backport upstream zstd dom0 and guest patches - add libzstd-devel BuildRequires - add weak dependency on grub modules to improve initial boot setup * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 21 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-2 - IRQ vector leak on x86 [XSA-360] * Sun Dec 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-1 - update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches * Tue Dec 15 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 05 2020 Jeff Law <law@redhat.com> - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic * Tue Nov 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-12 - stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-11 - support zstd compressed kernels (dom0 only) based on linux kernel code * Tue Nov 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-10 - Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146) - add make as build requires * Tue Nov 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-9 - revised patch for XSA-286 (mitigating performance impact) * Fri Oct 30 2020 Jeff Law <law@redhat.com> - 4.14.0-8 - Work around gcc-11 stringop-overflow diagnostics as well * Wed Oct 28 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-7 - x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092) - simplify grub scripts (patches from Thierry Vignaud <tvignaud@redhat.com>) - some fixes for gcc 11 * Tue Oct 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-6 - x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097) - undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093) - unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088) * Tue Sep 22 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-5 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619) - Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616) - race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618) - PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587) - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588) - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617) - Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583) - out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582) - races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581) - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586) * Thu Sep 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-4 - rebuild for OCaml 4.11.1 * Mon Aug 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-3 - QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850) * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sun Jul 26 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-1 - update to 4.14.0 remove or adjust patches now included or superceded upstream adjust xen.hypervisor.config bison and flex packages now needed for hypervisor build /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added with associated libraries and man page - re-enable pandoc for more documentation adding xen-vbd-interface.7.gz - revise documentation build dependencies drop tex, texinfo, ghostscript, graphviz, discount add perl(Pod::Html) perl(File::Find) - additional build dependency for ocaml on perl(Data::Dumper) * Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 4.13.1-5 - Use make macros - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro * Tue Jul 07 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-4 - incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465) - inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463) - xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467) - missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458) - non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464) * Tue Jun 30 2020 Jeff Law <law@redhat.com> Disable LTO * Wed Jun 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-3 - Special Register Buffer speculative side channel [XSA-320] * Tue May 26 2020 Miro HronĨok <mhroncok@redhat.com> - 4.13.1-2 - Rebuilt for Python 3.9 * Tue May 19 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.1-1 - update to 4.13.1 remove patches now included or superceded upstream * Tue May 05 2020 Michael Young <m.a.young@durham.ac.uk> - 4.13.0-8 - build aarch64 hypervisor with -mno-outline-atomics to fix gcc 10 build