similar to: Bug#560857: xen-unstable: embeds qemu

package: xen-3 version: 3.4.2-2 severity: important tags: security hi, your package embeds source code from both qemu, which makes security updates very cumbersome, difficult, and potentially error-prone. please update your package to make use of the existing packages if possible. thanks for your attention on this matter. best wishes, mike

Source: xen-unstable Version: 3.0-unstable+hg11561-1 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2007-3919[0]: | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local | users to truncate arbitrary files via a symlink attack on | /tmp/xenq-shm. If you fix this vulnerability please also include

Package: xen-unstable Version: 3.3-unstable+hg17961-1 Severity: normal Tags: sid User: debian-gcc at lists.debian.org Usertags: ftbfs-gcc-4.5 The package fails to build in a test rebuild on at least amd64 with gcc-4.5/g++-4.5, but succeeds to build with gcc-4.4/g++-4.4. For the compiler version used, see: http://lists.debian.org/debian-devel/2010/01/msg00230.html The full build log can be found

Source: xen-unstable Version: 3.3-unstable+hg17602-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for xen-unstable. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute

Package: xen-utils-common Version: 4.0.0-1 Severity: important The xm utility requires python-xml but the package does not depend on it. # xm new --help_vars Unexpected error: <type 'exceptions.ImportError'> Please report to xen-devel at lists.xensource.com Traceback (most recent call last): File "/usr/lib/xen-4.0/bin/xm", line 8, in <module>

Package: xen-unstable Version: 3.3-unstable+hg17879-1 Severity: serious User: debian-qa at lists.debian.org Usertags: qa-ftbfs-20080702 qa-ftbfs Justification: FTBFS on i386 Hi, During a rebuild of all packages in sid, your package failed to build on i386. Relevant part: > make[5]: Entering directory

tag 502123 patch severity 502123 serious thanks Confirmed. This regression was introduced by a copy-and-paste error in debian/patches/tools-python-xen-xm-relative-path.diff (svn://svn.debian.org/pkg-xen -r531). Please apply this fix. --- debian/changelog 2008-12-04 16:50:04.000000000 -0500 +++ debian/changelog 2008-12-04 16:59:09.000000000 -0500 @@ -1,3 +1,10 @@ +xen-unstable

Package: xen-3.0 Version: 3.0.2-3+hg9762-1 Severity: wishlist There was an error while trying to autobuild your package: > Automatic build of xen-3.0_3.0.2-3+hg9762-1 on caballero by sbuild/ia64 85 > Build started at 20060922-0812 [...] > ** Using build dependencies supplied by package: > Build-Depends: debhelper (>= 5.0.37.2), libcurl3-dev | libcurl-dev, python-dev, python

Package: xen-utils-3.2-1 Version: 3.2.0-3~bpo4+2 Severity: normal Hi, pygrub has problems parsing block devices partitioned with Lenny Beta 2 and ext3 on paravirt guests: # /usr/lib/xen-3.2-1/bin/pygrub /var/lib/xen/images/test2.img Traceback (most recent call last): File "/usr/lib/xen-3.2-1/bin/pygrub", line 653, in ? chosencfg = run_grub(file, entry, fs) File

Package: xen-hypervisor-3.0.2-1-i386 Version: 3.0.2-3+hg9762-1 Severity: grave Justification: renders package unusable When booting Xen Dom0 on my Dell 2950, the kernel panics. I have been unable to get the serial console working under xen (works under normal kernels), so the best debugging info I can provide is a screenshot of the console when it dies. I will attach that after the bug is

Package: xen-hypervisor-3.2-1-i386 Version: 3.2.0-4 Severity: important in etch there was an automated generated entry in the menu-list of grub in this version the grub-menu is not updated also found following links: http://lists.xensource.com/archives/html/xen-users/2007-09/msg00328.html -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500,

Package: xen-utils-common Version: 3.4.2-3 Severity: minor Hi, I've just noticed that the xen-utils-common package instals the file xen-backend.rules both under /etc/udev/xen-backend.rules and /lib/udev/rules.d/xen-backend.rules I think the flormer is useless and is installed there by mistake. Kind Regards, Marco -- System Information: Debian Release: squeeze/sid APT prefers unstable

Package: xen-utils-common Version: 3.2.0-1~bpo4+1 Severity: minor I use the version from backports, but it's still present in sid. In /etc/xen/xend-config-sxp : #(xen-tcp-xmlrpc-server-address 'localhost') #(xen-tcp-xmlrpc-server-port 8006) should be #(xend-tcp-xmlrpc-server-address 'localhost') #(xend-tcp-xmlrpc-server-port 8006) Small typo in a commented line, but

Package: libxen-dev Version: 4.0.0-2 Severity: grave Hi Bastian, libxen-dev used to ship the following file: /usr/include/blktaplib.h but it has gone, I don't get why. The result is that I can't compile my xen-qemu-dm-4.0-4.0.0 in a normal SID system, while it was working perfectly with version 4.0.0-1~experimental.2 of libxen-dev. I had a look into the debian/changelog of xen 4.0.0-2,

Source: xen-3 Version: 3.2.1-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for xen-3. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute arbitrary code via a crafted |

Package: xen-hypervisor-3.2-1-amd64 Version: 3.2.1-2 Severity: serious After noting that this version supposedly loads bzImage kernels: | xen-3 (3.2.1-2) unstable; urgency=low | | * Use e2fslibs based ext2 support for pygrub. (closes: #476366) | * Fix missing checks in pvfb code. | See CVE-2008-1952. (closes: #487095) | * Add support for loading bzImage files. (closes: #474509) | *

Package: xen-hypervisor-4.0-i386 Version: 4.0.1~rc3-1 Severity: critical Tags: upstream patch Justification: breaks the whole system Using 2.6.32 and xen 4.0, balloon driver crash Upstream patch seems to be available : http://lists.xensource.com/archives/html/xen-devel/2010-06/msg00601.html Thanks -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500,

Subject: xen-hypervisor-unstable-amd64: Post update from 3.2 -> 3.3, initrd which previously worked failes Package: xen-hypervisor-unstable-amd64 Version: 3.3-unstable+hg17961-1 Severity: normal *** Please type your report below this line *** System was running hypervisor 3.2, and domUs were working correctly. System was updated to -unstable (3.3) hypervisor and utils. Unchanged kernel and

Package: xen-utils-4.0 Version: 4.0.1-2 Right after another Wheezy distribution update I've faced the following issue with "xm". ===== host:~# xm new /etc/xen/domains/test.cfg Unexpected error: <type 'exceptions.ImportError'> Please report to xen-devel at lists.xensource.com Traceback (most recent call last): File "/usr/lib/xen-4.0/bin/xm", line 8, in

Package: xen-unstable Version: 3.0-unstable+hg11292-2 Your package fails to build with GCC 4.2. Version 4.2 has not been released yet but I'm building with a snapshot in order to find errors and give people an advance warning. The bug below is in your package though and not because I'm using a snapshot of the compiler so please take a look at it. You can reproduce this with the