-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-1f5832fc0e 2019-05-30 17:27:02.839897 --------------------------------------------------------------------------------
Name : xen Product : Fedora 29 Version : 4.11.1 Release : 5.fc29 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
-------------------------------------------------------------------------------- Update Information:
Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091] additional patches so above applies cleanly work around grub2 issues in dom0 -------------------------------------------------------------------------------- ChangeLog:
* Tue May 14 2019 Michael Young m.a.young@durham.ac.uk - 4.11.1-5 - Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091] - additional patches so above applies cleanly - work around grub2 issues in dom0 * Tue Mar 5 2019 Michael Young m.a.young@durham.ac.uk - 4.11.1-4 - xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294] * Thu Feb 14 2019 Michael Young m.a.young@durham.ac.uk - 4.11.1-3 - add gcc9 build fixes (#1676229) * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 4.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Dec 11 2018 Michael Young m.a.young@durham.ac.uk - 4.11.1-1 - update to 4.11.1 remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch - only include qemutrad build requirements for platforms that use it - construct ovmf.bin from edk2-ovmf package (#1656651) * Tue Nov 20 2018 Michael Young m.a.young@durham.ac.uk - 4.11.0-10 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665) - x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970) - xen: various flaws (#1652251) resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963] x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964] Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966] * Tue Nov 6 2018 Michael Young m.a.young@durham.ac.uk - 4.11.0-9 - guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967] * Wed Oct 24 2018 Michael Young m.a.young@durham.ac.uk - 4.11.0-8 - x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883] (#1643118) --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-1f5832fc0e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------