| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: xen-hypervisor | Distribution: Fedora Project |
| Version: 4.19.1 | Vendor: Fedora Project |
| Release: 7.fc42 | Build date: Thu Feb 27 19:57:02 2025 |
| Group: Unspecified | Build host: buildhw-x86-16.iad2.fedoraproject.org |
| Size: 60013778 | Source RPM: xen-4.19.1-7.fc42.src.rpm |
| Packager: Fedora Project | |
| Url: http://xen.org/ | |
| Summary: Libraries for Xen tools | |
This package contains the Xen hypervisor
GPL-2.0-or-later AND LicenseRef-Callaway-LGPLv2+ AND LicenseRef-Callaway-BSD
* Thu Feb 27 2025 Michael Young <m.a.young@durham.ac.uk> - 4.19.1-7
- deadlock potential with VT-d and legacy PCI device pass-through
[XSA-467, CVE-2025-1713]
* Thu Jan 23 2025 Michael Young <m.a.young@durham.ac.uk> - 4.19.1-6
- adjust file locations now /usr/sbin is a symlink to /usr/bin
- remove debugedit fix as no longer needed
* Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 4.19.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jan 10 2025 Jerry James <loganjerry@gmail.com> - 4.19.1-4
- OCaml 5.3.0 rebuild for Fedora 42
* Thu Jan 09 2025 Michael Young <m.a.young@durham.ac.uk> - 4.19.1-3
- work around debugedit bug to fix aarch64 builds
* Sat Jan 04 2025 Andrea Perotti <aperotti@redhat.com> - 4.19.1-2
- xen-hypervisor %post doesn't load all needed grub2 modules
(#2335558)
* Thu Dec 05 2024 Michael Young <m.a.young@durham.ac.uk> - 4.19.1-1
- update to xen-4.19.1
remove patches now included or superceded upstream
* Tue Nov 12 2024 Michael Young <m.a.young@durham.ac.uk> - 4.19.0-5
- Deadlock in x86 HVM standard VGA handling [XSA-463, CVE-2024-45818]
- libxl leaks data to PVH guests via ACPI tables [XSA-464, CVE-2024-45819]
- additional patches so above applies cleanly
* Tue Sep 24 2024 Michael Young <m.a.young@durham.ac.uk> - 4.19.0-4
- x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] (#2314782)
* Wed Sep 04 2024 Miroslav Suchý <msuchy@redhat.com> - 4.19.0-3
- convert license to SPDX
* Wed Aug 14 2024 Michael Young <m.a.young@durham.ac.uk> - 4.19.0-2
- error handling in x86 IOMMU identity mapping [XSA-460, CVE-2024-31145]
(#2314784)
- PCI device pass-through with shared resources [XSA-461, CVE-2024-31146]
(#2314783)
* Sat Aug 03 2024 Michael Young <m.a.young@durham.ac.uk> - 4.19.0-1
- update to xen-4.19.0
rebase xen.fedora.systemd.patch, xen.efi.build.patch
xen.ocaml5.fixes.patch and xen.gcc14.fixes.patch
remove patches now included or superceded upstream
now need to enable systemd explicitly
xentrace_format has gone, pygrub is now only in /usr/libexec/xen/bin/
package xenwatchdogd.8.gz
use relative links for /usr/bin/qemu-system-i386
* Sat Jul 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.18.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Tue Jul 16 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.2-4
- double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143]
(#2298690)
* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 4.18.2-3
- Rebuilt for Python 3.13
* Mon Jun 03 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.2-2
- x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201]
* Tue Apr 09 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.2-1
- x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
- update to xen 4.18.2, remove patches now included upstream
* Tue Apr 09 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.1-2
- x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
- x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
* Wed Mar 20 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.1-1
- update to xen-4.18.1
rebase xen.gcc12.fixes.patch
remove patches now included or superceded upstream
* Wed Mar 13 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-7
- x86: Register File Data Sampling [XSA-452, CVE-2023-28746]
- GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]
- additional patches so above applies cleanly
* Tue Feb 27 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-6
- x86: shadow stack vs exceptions from emulation stubs - [XSA-451,
CVE-2023-46841] (#2266326)
* Sun Feb 04 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-5
- pci: phantom functions assigned to incorrect contexts [XSA-449,
CVE-2023-46839]
- VT-d: Failure to quarantine devices in !HVM build [XSA-450,
CVE-2023-46840]
- the glibc32 doesn't seem to add anything to the build so drop it
* Sat Feb 03 2024 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-4
- build fixes for gcc14, replace stubs-32.h requirement with glibc32
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.18.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Dec 13 2023 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-2
- arm32: The cache may not be properly cleaned/invalidated (take two)
[XSA-447, CVE-2023-46837]
- rebuild for OCaml-5.1.1
* Wed Nov 29 2023 Michael Young <m.a.young@durham.ac.uk> - 4.18.0-1
- update to xen-4.18.0
rebase xen.canonicalize.patch and xen.ocaml5.fixes.patch
remove or adjust patches now included or superceded upstream
- xencons has been dropped
* Tue Nov 14 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-5
- x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445,
CVE-2023-46835]
- x86: BTC/SRSO fixes not fully effective [XSA-446, CVE-2023-46836]
* Tue Oct 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-4
- xenstored: A transaction conflict can crash C Xenstored [XSA-440,
CVE-2023-34323]
- x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326]
- Multiple vulnerabilities in libfsimage disk handling [XSA-443,
CVE-2023-34325]
- x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327,
CVE-2023-34328]
* Sun Oct 08 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-3
- rebuild (f40) for OCaml 5.1
* Tue Sep 26 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-2
- arm32: The cache may not be properly cleaned/invalidated [XSA-437,
CVE-2023-34321]
- top-level shadow reference dropped too early for 64-bit PV guests
[XSA-438, CVE-2023-34322]
- x86/AMD: Divide speculative information leak [XSA-439, CVE-2023-20588]
* Thu Aug 10 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.2-1
- update to xen-4.17.2 which includes
x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569]
x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982]
- remove patches now included upstream
* Tue Aug 01 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-9
- arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320]
(#2228238)
* Mon Jul 31 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-8
- bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
* Tue Jul 25 2023 Michael Young <m.a.young@durham.ac.uk>
- adjust OCaml patch condition so eln builds work
* Mon Jul 24 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-7
- x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
- omit OCaml 5 patch on fc38
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.17.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 10 2023 Jerry James <loganjerry@gmail.com> - 4.17.1-5
- Add patch for OCaml 5.0.0
* Tue Jun 27 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-4
- work around a build problem with python 3.12
* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 4.17.1-3
- Rebuilt for Python 3.12
* Tue May 16 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-2
- Mishandling of guest SSBD selection on AMD hardware
[XSA-431, CVE-2022-42336]
* Tue May 02 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.1-1
- update to xen-4.17.1
remove patches now included upstream
switch from patchN to patch N format for applying patches
* Tue Apr 25 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-9
- x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335]
* Tue Mar 21 2023 Michael Young <m.a.young@durham.ac.uk> - 4.17.0-8
- 3 security issues (#2180425)
x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332]
x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333,
CVE-2022-42334]
x86: speculative vulnerability in 32bit SYSCALL path [XSA-429,
CVE-2022-42331]
/boot/flask /boot/flask/xenpolicy-4.19.1 /boot/xen-4.19.1.config /boot/xen-4.19.1.gz /usr/lib/debug/.build-id /usr/lib/debug/.build-id/ce /usr/lib/debug/.build-id/ce/ab9211e339a5125b743f6d1fdcc0d85aaa81f1 /usr/lib/debug/.build-id/ce/ab9211e339a5125b743f6d1fdcc0d85aaa81f1.debug /usr/lib/debug/xen-4.19.1.efi.map /usr/lib/debug/xen-syms-4.19.1 /usr/lib/debug/xen-syms-4.19.1.map /usr/lib64/efi/xen-4.19.1.efi /usr/lib64/efi/xen-4.19.1.notstripped.efi
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Feb 10 00:39:57 2026