similar to: Recent CVE

# HG changeset patch # User Roger Pau Monne <roger.pau@entel.upc.edu> # Date 1323768129 -3600 # Node ID 7697ee23b08b8eaca9aee4f6b79cf550a490bef7 # Parent 8a84f53376862427f254a017cb52c928dbdd3d32 xenpaging: remove XOPEN_SOURCE The XOPEN_SOURCE define was breaking the compilation under NetBSD. I''ve removed it becasue it is not necessary (at least under NetBSD). If it is necessary

Dear Security Team, I have prepared a new upload addressing a number of open security issues in Xen. Due to the complexity of the patches that address XSA-273 [0] the packages have been built from upstream's staging-4.8 / staging-4.10 branch again as recommended in that advisory. Commits on those branches are restricted to those that address the following XSAs (cf. [1]): - XSA-273

Source: xen Version: 4.8.1~pre.2017.01.23-1 Severity: grave Tags: security upstream Justification: user security hole Hi, the following vulnerability was published for xen. CVE-2017-7228[0]: | An issue (known as XSA-212) was discovered in Xen, with fixes available | for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix | introduced an insufficient check on XENMEM_exchange input,

flight 13439 xen-unstable real [real] http://www.chiark.greenend.org.uk/~xensrcts/logs/13439/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-i386-i386-xl-qemuu-winxpsp3 9 guest-localmigrate fail REGR. vs. 13379 test-amd64-amd64-xl-qemuu-win7-amd64 9 guest-localmigrate fail REGR. vs. 13376 Regressions which are regarded as

qemu-stubdom was stripping the prefix from the "params" xenstore key in xenstore_parse_domain_config, which was then saved stripped in a variable. In xenstore_process_event we compare the "param" from xenstore (not stripped) with the stripped "param" saved in the variable, which leads to a medium change (even if there isn't any), since we are comparing something

I am building xen-unstable (23860:a422e2a4451e) on Ubuntu 11.10. I noticed that the "make install" does not create lib entries in /usr/lib/. I see them only in /usr/lib64/. This is causing program like xenpaging to not find the xenctrl library (error while loading shared libraries: libxenctrl.so.4.2: cannot open shared object file: No such file or directory) Is this expected behavior or

26470:acaf29203cf9 "tools+stubdom: install under /usr/local by default" moved more stuff under /usr/local than was desirable. In particular SYSCONFIG_DIR (configuration for initscripts) moved to /usr/local/etc/{sysconfig,defaults} while the initscripts themselves (correctly) remained in /etc/init.d. Moving /etc/xen/scripts breaks the udev bakcned rules file. Lastly stuff under /var was

Hi Everyone, As some of you are aware, I''m a very security paranoid person. I guess this is a good way to be :) Anyway, is the 3.4.x branch of Xen still "supported"? By supported, I mean are security and bug fixes still being developed? Or is everything moving to 4.0? I''ve set up some Xen infrastructure using Xen 3.4.2 (due to upgrade to 3.4.3 in a couple of

branch xen-unstable xen branch xen-unstable job build-i386 test xen-build Tree: qemuu git://xenbits.xen.org/staging/qemu-upstream-unstable.git Tree: xen git://xenbits.xen.org/xen.git *** Found and reproduced problem changeset *** Bug is in tree: xen git://xenbits.xen.org/xen.git Bug introduced: ae763e4224304983a1cde2fbb3d6e0c4d60b2688 Bug not present:

Source: xen Version: 4.4.1-9 Severity: normal Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for xen. CVE-2015-6654[0]: | The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, | 4.4.x, and earlier does not limit the number of printk console | messages when reporting a failure to retrieve a reference on a foreign | page, which allows

flight 13383 xen-unstable real [real] http://www.chiark.greenend.org.uk/~xensrcts/logs/13383/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-i386-pair 16 guest-start fail REGR. vs. 13379 Regressions which are regarded as allowable (not blocking): test-amd64-amd64-xl-qemuu-win7-amd64 12

# HG changeset patch # User Roger Pau Monne <roger.pau@entel.upc.edu> # Date 1326454799 -3600 # Node ID 58c924a72ab7af658a888ff39411229a9e6a12f6 # Parent 887a3229fd7a50c04981e29709bc7210dafef38f libxl: fix parse_backend_path and device_backend_path to be mutual Currently if libxl__parse_backend_path is used and then you try to get the original path again with libxl__device_backend_path the

The first patch is a leftover from the switch to libxl__create_qemu_logfile, and while there it also handles possible errors when opening /dev/null. The second one is a fix for the issues present in do_daemonize. Thanks, Roger.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2013-0153 / XSA-36 version 3 interrupt remap entries shared and old ones not cleared on AMD IOMMUs UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= To avoid an erratum in early hardware, the Xen AMD IOMMU code by default chooses to use a single interrupt

Source: xen Severity: important Tags: security Hi, please see http://xenbits.xen.org/xsa/advisory-116.html for details and a patch. Cheers, Moritz

# HG changeset patch # User Roger Pau Monne <roger.pau@entel.upc.edu> # Date 1326564288 -3600 # Node ID 259112aee618753552056e398f940d1fd9fcc6f7 # Parent f581bb82fecd51e8fbd9c2e4ae9e76b08a695587 libxl: fix mutex initialization The macro PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP is not defined on NetBSD, so define mutex attributes manually. Changes since v1: * Fix leak of mutex attr.

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > Yes, the distribution line should be jessie-security, but please send > a debdiff to team at security.debian.org for a quick review before > uploading (I have no idea whether dgit supports security-master). Here is the proposed debdiff (actually, a git diff) for xen in jessie. My

Hi folks, From the roadmap for Xen 4.3 development, Xen 4.3 will use upstream QEMU (partially done). So I''d like to confirm the following questions. 1. Will Xen 4.3 really use upstream QEMU by default ? I have the question because so far the xen.git tree still uses qemu-xen-unstable by default. 2. If ''yes'' for 1st question, which QEMU upstream will be used in Xen

branch xen-unstable xen branch xen-unstable job test-amd64-i386-rhel6hvm-amd test redhat-install Tree: linux git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen.git Tree: qemu git://xenbits.xen.org/staging/qemu-xen-unstable.git Tree: qemuu git://xenbits.xen.org/staging/qemu-upstream-unstable.git Tree: xen http://xenbits.xen.org/staging/xen-unstable.hg *** Found and reproduced problem

Prevent xl from doing any operation if xend daemon is running. That prevents bugs that happened when xl and xend raced to close a domain. Changes since v1: * Add documentation to xl man page. * Permit the execution of commands that don''t modify anything. * Indent error message. Cc: george.dunlap@eu.citrix.com Cc: ian.jackson@eu.citrix.com Signed-off-by: Roger Pau Monne