similar to: XSA-138: Updated packages available (xen-4.4.2-5)

George has built and I have pushed to virt6-xen-common-testing and virt7-xen-common-testing the kernel-3.18.25-19 kernel. Please test this kernel and we can release it. It also has the fix for XSA-171: http://xenbits.xen.org/xsa/advisory-171.html Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type:

I've got Xen 4.4.2 in virt6-testing. I haven't had a chance to test it, and won't for another week or two; but if some volunteers can put it through its paces, I can ask Johnny to push it to the public repo sometome early next week. Thanks, -George

Thanks to work from Johnny, linux 3.18.12 with all the x4c blktap goodness have been built and are now in the virt6-testing repo. I've also uploaded libvirt 1.2.15. As you may have seen earlier today, virt6-testing also includes an updated 4.4.2 package with the latest security update (XSA-133). The kernel has had some basic testing (by myself, Johnny, and another community member), but

On Sat, May 16, 2015 at 2:08 PM, Johnny Hughes <johnny at centos.org> wrote: > On 05/13/2015 01:14 PM, George Dunlap wrote: >> Thanks to work from Johnny, linux 3.18.12 with all the x4c blktap >> goodness have been built and are now in the virt6-testing repo. I've >> also uploaded libvirt 1.2.15. As you may have seen earlier today, >> virt6-testing also

On Thu, Apr 23, 2015 at 5:09 PM, George Dunlap <dunlapg at umich.edu> wrote: > I've got Xen 4.4.2 in virt6-testing. I haven't had a chance to test > it, and won't for another week or two; but if some volunteers can put > it through its paces, I can ask Johnny to push it to the public repo > sometome early next week. Unless there are any objections, I'll ask for

On 05/13/2015 01:14 PM, George Dunlap wrote: > Thanks to work from Johnny, linux 3.18.12 with all the x4c blktap > goodness have been built and are now in the virt6-testing repo. I've > also uploaded libvirt 1.2.15. As you may have seen earlier today, > virt6-testing also includes an updated 4.4.2 package with the latest > security update (XSA-133). > > The kernel has

There was some discussion about the lack of visibility of the Xen4CentOS development process. The Xen spec files and supporting patches are kept in a git tree. I've pushed copies of these trees here: https://github.com/gwd/sig-virt-xen xen-44 is the branch for Xen 4.4 development, and xen-46 is the branch for Xen 4.6 development. As is normal, these repos do not contain many of the binary

The following packages are updated for Xen4CentOS for CentOS 6: Source: 942bc436e401c798991ae4ca956082c12a5a3b65ec53cd7ec9901dda7704f9b7 e1000e-2.5.4-3.10.63.2.el6.centos.alt.src.rpm aa46f97636568c46295d2d99f1e33b5fda50df707a2a8321a516200b8b4e95a6 kernel-3.10.63-11.el6.centos.alt.src.rpm ea44d2658e096ef6f00f7dfd4fecc6bff977d959563e4929539d23643b134c3a libvirt-0.10.2.8-9.el6.centos.alt.src.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

As you may have noticed, XSA-156 is due to be released publicly at 12:01am tomorrow (10 November). I've prepped packages, and before I leave today will set a script to send them to the CBS at 12:01 exactly. Packages should end up in virt6-xen-44-candidate within probably half an hour after that. If something goes wrong, I'll try to have it sorted out when I come in tomorrow morning

Hi, I tried this new kernel on out xen testbed with centos 6 and iscsi over qlog 57810 is not working, tried replacing drivers from manufacturer but does not work either. tried 4.9.23 from repo and is not working finally the old 4.9.13-22.el6.x86_64 is the only one from 4.9.x taht is working with hw iscsi on this cards. I will be happy to help debug the issue and get a latest kernel working

It looks like no XSA-142 patch, which is "libxl fails to honour readonly flag on disks with qemu-xen" has been applied to Xen4CentOS. I assume this was on purpose? If not, I can have someone try adding the original patch from http://xenbits.xen.org/xsa/advisory-142.html and some variant of the commit from ef6cb76026628e26e3d1ae53c50ccde1c3c78b1b

On Fri, Apr 24, 2015 at 4:32 AM, Pasi K?rkk?inen <pasik at iki.fi> wrote: > On Thu, Apr 23, 2015 at 05:09:56PM +0100, George Dunlap wrote: > > I've got Xen 4.4.2 in virt6-testing. I haven't had a chance to test > > it, and won't for another week or two; but if some volunteers can put > > it through its paces, I can ask Johnny to push it to the public repo

OK Guys and Gals, We have just kicked off a build of the 4.9.34-29 xen kernel on the Community Build Service for both EL6 and EL7. This kernel has some important things in it. 1. It has a patch for the stack guard issue (CVE-2017-1000364). Also the patch for Xen Security fix XSA-216. See these upstream changelogs for ALL kernel commits from 4.9.31 to 4.9.34:

So... it is theorized that XSA-108 is why amazon is rebooting. Is there any way for me to know when this update hits CentOS5 or xen4centos6? Do we know that it is *not* included in one of the centos patches?

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

On Wed, Feb 17, 2016 at 12:30 PM, George Dunlap <dunlapg at umich.edu> wrote: > I have the following packages going through the CBS: > * A CentOS 7 xen-4.6.1-2, with XSAs 170 and 154 > * A CentOS 6 xen-4.6.1-2, with XSAs 170 and 154 > * A CentOS 6 xen-4.4.3-11, with XSAs 170 > > All these should show up in mirrors hopefully sometime later today. > As usual, please report

xen 4.6.1-5 has been build and should be available in buildlogs soon (available via the centos-virt-xen-testing repo). More information can be found here: http://xenbits.xen.org/xsa/advisory-172.html A signed copy should hit the mirrors tomorrow. Please report any problems on this list. Thanks, -George

Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > Source: xen > Version: 4.4.1-9 > Severity: important > Tags: security upstream fixed-upstream > > See > https://xenbits.xen.org/xsa/advisory-213.html Ian Jackson writes ("grant transfer allows PV guest to elevate privileges [XSA-214]"): > Source: xen > Version: 4.4.1-9 > Severity:

Dear Security Team, I have prepared a new upload addressing a number of open security issues in Xen. Due to the complexity of the patches that address XSA-273 [0] the packages have been built from upstream's staging-4.8 / staging-4.10 branch again as recommended in that advisory. Commits on those branches are restricted to those that address the following XSAs (cf. [1]): - XSA-273