Mon, 05 Dec 2022 14:19:22 UTC

Information for build xen-4.15.3-4.fc35

ID2036656
Package Namexen
Version4.15.3
Release4.fc35
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/xen.git#22866587ed143b33b80fc8d184c1ce912c22b4dd
SummaryXen is a virtual machine monitor
DescriptionThis package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
Built bymyoung
State complete
Volume DEFAULT
StartedTue, 26 Jul 2022 20:05:05 UTC
CompletedTue, 26 Jul 2022 20:15:22 UTC
Taskbuild (f35-candidate, /rpms/xen.git:22866587ed143b33b80fc8d184c1ce912c22b4dd)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/xen.git#22866587ed143b33b80fc8d184c1ce912c22b4dd'}}
Tags
f35-updates
RPMs
src
xen-4.15.3-4.fc35.src.rpm (info) (download)
aarch64
xen-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-devel-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-hypervisor-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-libs-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-licenses-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-ocaml-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-ocaml-devel-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-runtime-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-debuginfo-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-debugsource-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-libs-debuginfo-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-ocaml-debuginfo-4.15.3-4.fc35.aarch64.rpm (info) (download)
xen-runtime-debuginfo-4.15.3-4.fc35.aarch64.rpm (info) (download)
armv7hl
xen-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-devel-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-hypervisor-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-libs-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-licenses-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-ocaml-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-ocaml-devel-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-runtime-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-debuginfo-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-debugsource-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-libs-debuginfo-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-ocaml-debuginfo-4.15.3-4.fc35.armv7hl.rpm (info) (download)
xen-runtime-debuginfo-4.15.3-4.fc35.armv7hl.rpm (info) (download)
i686
xen-4.15.3-4.fc35.i686.rpm (info) (download)
xen-devel-4.15.3-4.fc35.i686.rpm (info) (download)
xen-hypervisor-4.15.3-4.fc35.i686.rpm (info) (download)
xen-libs-4.15.3-4.fc35.i686.rpm (info) (download)
xen-licenses-4.15.3-4.fc35.i686.rpm (info) (download)
xen-ocaml-4.15.3-4.fc35.i686.rpm (info) (download)
xen-ocaml-devel-4.15.3-4.fc35.i686.rpm (info) (download)
xen-runtime-4.15.3-4.fc35.i686.rpm (info) (download)
xen-debuginfo-4.15.3-4.fc35.i686.rpm (info) (download)
xen-debugsource-4.15.3-4.fc35.i686.rpm (info) (download)
xen-libs-debuginfo-4.15.3-4.fc35.i686.rpm (info) (download)
xen-ocaml-debuginfo-4.15.3-4.fc35.i686.rpm (info) (download)
xen-runtime-debuginfo-4.15.3-4.fc35.i686.rpm (info) (download)
noarch
xen-doc-4.15.3-4.fc35.noarch.rpm (info) (download)
x86_64
xen-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-devel-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-hypervisor-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-libs-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-licenses-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-ocaml-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-ocaml-devel-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-runtime-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-debuginfo-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-debugsource-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-libs-debuginfo-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-ocaml-debuginfo-4.15.3-4.fc35.x86_64.rpm (info) (download)
xen-runtime-debuginfo-4.15.3-4.fc35.x86_64.rpm (info) (download)
Logs
armv7hl
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
i686
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
x86_64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
aarch64
hw_info.log
state.log
build.log
root.log
mock_output.log
noarch_rpmdiff.json
Changelog * Tue Jul 26 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.3-4 - insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] * Fri Jul 22 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.3-3 - Retbleed - arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900] * Thu Jul 07 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.3-2 - Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747) * Fri Jul 01 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.3-1 - update to xen-4.15.3 remove or adjust patches now included or superceded upstream - x86: MMIO Stale Data vulnerabilities (not applied in 4.15.2-5) * Wed Jun 22 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.2-5 - x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166] * Thu Jun 09 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.2-4 - x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362] - x86 pv: Insufficient care with non-coherent mappings [ XSA-402, CVE-2022-26363, CVE-2022-26364] - additional patches so above applies cleanly * Wed Apr 06 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.2-3 - Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] - race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357] - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361] * Sat Mar 12 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.2-2 - Multiple speculative security issues [XSA-398] - additional patches so above applies cleanly * Thu Feb 03 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.2-1 - update to xen-4.15.2 remove or adjust patches now included or superceded upstream * Tue Jan 25 2022 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-5 - frontends vulnerable to backends [XSA-376] (document change only) - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393, CVE-2022-23033] (#2045044) - A PV guest could DoS Xen while unmapping a grant [XSA-394, CVE-2022-23034] (#2045042) - Insufficient cleanup of passed-through device IRQs [XSA-395, CVE-2022-23035] (#2045040) * Tue Nov 23 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-4 - guests may exceed their designated memory limit [XSA-385, CVE-2021-28706] - PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707 CVE-2021-28708] - issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709] - certain VT-d IOMMUs may not work in shared page table mode [XSA-390, CVE-2021-28710] * Wed Oct 06 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-3 - rebuild (f36 only) for OCaml 4.13.1 * Tue Oct 05 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-2 - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) * Sun Sep 12 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.1-1 - update to xen-4.15.1 remove or adjust patches now included or superceded upstream update libxencall version * Wed Sep 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-7 - Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] (#2002786) - bugfix for XSA-380 - stop editing grub files in /boot/efi/EFI/fedora * Wed Aug 25 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-6 - IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537) - grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520) - long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526) - inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523) - xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527) - grub x86_64-efi modules now go into /boot/grub2 * Thu Aug 12 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-5 - work around build issue with GNU ld 2.37 (#1990344) * Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.15.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jun 08 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-3 - xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] (#1970542) - inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] (#1970540) - Speculative Code Store Bypass [XSA-375, CVE-2021-0089, CVE-2021-26313] (#1970531) - x86: TSX Async Abort protections not restored after S3 [XSA-377, CVE-2021-28690] (#1970546) * Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 4.15.0-2 - Rebuilt for Python 3.10 * Wed May 05 2021 Michael Young <m.a.young@durham.ac.uk> - 4.15.0-1 - update to xen-4.15.0 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patch update libxendevicemodel libxenevtchn libxenforeignmemory versions /etc/bash_completion.d/xl.sh is now xl package xen-access xen-memshare xenstorepvh-stubdom.gz xl-pci-configuration.5.gz - adjust xen.ocaml.4.12.fixes.patch to work with earlier ocaml - re-copy grub modules if they have changed * Fri Mar 19 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-8 - HVM soft-reset crashes toolstack [XSA-368, CVE-2021-28687] (#1940610) - adjust efi test to stop build failing * Tue Mar 02 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-6 - build fixes for OCaml 4.12.0 * Tue Feb 16 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-5 - Linux: display frontend "be-alloc" mode is unsupported (comment only) [XSA-363, CVE-2021-26934] (#1929549) - arm: The cache may not be cleaned for newly allocated scrubbed pages [XSA-364, CVE-2021-26933] (#1929547) * Mon Feb 01 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-4 - backport upstream zstd dom0 and guest patches - add libzstd-devel BuildRequires - add weak dependency on grub modules to improve initial boot setup * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Jan 21 2021 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-2 - IRQ vector leak on x86 [XSA-360] * Sun Dec 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.1-1 - update to 4.14.1 adjust xen.canonicalize.patch remove or adjust patches now included or superceded upstream renumber patches * Tue Dec 15 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 05 2020 Jeff Law <law@redhat.com> - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic * Tue Nov 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-12 - stack corruption from XSA-346 change [XSA-355] * Mon Nov 23 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-11 - support zstd compressed kernels (dom0 only) based on linux kernel code * Tue Nov 10 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-10 - Information leak via power sidechannel [XSA-351, CVE-2020-28368] (#1897146) - add make as build requires * Tue Nov 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-9 - revised patch for XSA-286 (mitigating performance impact) * Fri Oct 30 2020 Jeff Law <law@redhat.com> - 4.14.0-8 - Work around gcc-11 stringop-overflow diagnostics as well * Wed Oct 28 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-7 - x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092) - simplify grub scripts (patches from Thierry Vignaud <tvignaud@redhat.com>) - some fixes for gcc 11 * Tue Oct 20 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-6 - x86: Race condition in Xen mapping code [XSA-345, CVE-2020-27672] (#1891097) - undue deferral of IOMMU TLB flushes [XSA-346, CVE-2020-27671] (#1891093) - unsafe AMD IOMMU page table updates [XSA-347, CVE-2020-27670] (#1891088) * Tue Sep 22 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-5 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE [XSA-333, CVE-2020-25602] (#1881619) - Missing unlock in XENMEM_acquire_resource error path [XSA-334, CVE-2020-25598] (#1881616) - race when migrating timers between x86 HVM vCPU-s [XSA-336, CVE-2020-25604] (#1881618) - PCI passthrough code reading back hardware registers [XSA-337, CVE-2020-25595] (#1881587) - once valid event channels may not turn invalid [XSA-338, CVE-2020-25597] (#1881588) - x86 pv guest kernel DoS via SYSENTER [XSA-339, CVE-2020-25596] (#1881617) - Missing memory barriers when accessing/allocating an event channel [XSA-340, CVE-2020-25603] (#1881583) - out of bounds event channels available to 32-bit x86 domains [XSA-342, CVE-2020-25600] (#1881582) - races with evtchn_reset() [XSA-343, CVE-2020-25599] (#1881581) - lack of preemption in evtchn_reset() / evtchn_destroy() [XSA-344, CVE-2020-25601] (#1881586) * Thu Sep 03 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-4 - rebuild for OCaml 4.11.1 * Mon Aug 24 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-3 - QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850) * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.14.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sun Jul 26 2020 Michael Young <m.a.young@durham.ac.uk> - 4.14.0-1 - update to 4.14.0 remove or adjust patches now included or superceded upstream adjust xen.hypervisor.config bison and flex packages now needed for hypervisor build /usr/bin/vchan-socket-proxy and /usr/sbin/xenhypfs have been added with associated libraries and man page - re-enable pandoc for more documentation adding xen-vbd-interface.7.gz - revise documentation build dependencies drop tex, texinfo, ghostscript, graphviz, discount add perl(Pod::Html) perl(File::Find) - additional build dependency for ocaml on perl(Data::Dumper)