similar to: CentOS 6 Xen package update (including XSA-156)

On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote: > On Thu, Nov 12, 2015 at 02:00:27PM +0000, George Dunlap wrote: > > So going forward, we're moving the CentOS 6 Xen packages from the > > custom "xen4" repos that were introduced several years ago, to repos > > based on its position as a sub-project of the Virt Sig. That will > > make things

On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: > Hello, > > On Sun, Nov 15, 2015 at 06:42:18PM +0200, Pasi K?rkk?inen wrote: >> On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote: >>> On Thu, Nov 12, 2015 at 02:00:27PM +0000, George Dunlap wrote: >>>> So going forward, we're moving the CentOS 6 Xen packages from the >>>> custom

On Wed, Nov 18, 2015 at 1:31 PM, Pasi K?rkk?inen <pasik at iki.fi> wrote: > On Wed, Nov 18, 2015 at 02:20:49PM +0200, Manuel Wolfshant wrote: >> On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: >> >Hello, >> > >> >On Sun, Nov 15, 2015 at 06:42:18PM +0200, Pasi K?rkk?inen wrote: >> >>On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote:

On 11/12/2015 04:00 PM, George Dunlap wrote: > To update to the new repository structure, install the > centos-release-xen package directly from the new repo: > > yum updatehttp://mirror.centos.org/centos/6/virt/x86_64/xen/centos-release-xen-7-11.el6.x86_64.rpm > > This should replace the xen4 repositories with the new virt sig [root at xenh4bis ~]# yum update -y

On Thu, Nov 12, 2015 at 2:03 PM, Manuel Wolfshant <wolfy at nobugconsulting.ro> wrote: > On 11/12/2015 04:00 PM, George Dunlap wrote: >> >> To update to the new repository structure, install the >> centos-release-xen package directly from the new repo: >> >> yum >>

Hello, On Sun, Nov 15, 2015 at 06:42:18PM +0200, Pasi K?rkk?inen wrote: > On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote: > > On Thu, Nov 12, 2015 at 02:00:27PM +0000, George Dunlap wrote: > > > So going forward, we're moving the CentOS 6 Xen packages from the > > > custom "xen4" repos that were introduced several years ago, to repos >

On Wed, Nov 18, 2015 at 02:20:49PM +0200, Manuel Wolfshant wrote: > On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: > >Hello, > > > >On Sun, Nov 15, 2015 at 06:42:18PM +0200, Pasi K?rkk?inen wrote: > >>On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote: > >>>On Thu, Nov 12, 2015 at 02:00:27PM +0000, George Dunlap wrote: > >>>>So

On Thu, Nov 12, 2015 at 02:00:27PM +0000, George Dunlap wrote: > So going forward, we're moving the CentOS 6 Xen packages from the > custom "xen4" repos that were introduced several years ago, to repos > based on its position as a sub-project of the Virt Sig. That will > make things consistent between all the sigs, as well as between CentOS > 6 and 7 Xen packages.

On Thu, Nov 19, 2015 at 12:28 PM, George Dunlap <dunlapg at umich.edu> wrote: > On Wed, Nov 18, 2015 at 1:31 PM, Pasi K?rkk?inen <pasik at iki.fi> wrote: >> On Wed, Nov 18, 2015 at 02:20:49PM +0200, Manuel Wolfshant wrote: >>> On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: >>> >Hello, >>> > >>> >On Sun, Nov 15, 2015 at 06:42:18PM

On 01/06/2015 09:09 AM, Johnny Hughes wrote: > On 01/06/2015 08:38 AM, Philippe-A. Lemelin wrote: >> >> >> On 15-01-06 09:21 AM, George Dunlap wrote: >>> On Tue, Jan 6, 2015 at 11:42 AM, Pasi K?rkk?inen <pasik at iki.fi> wrote: >>>> Hello, >>>> >>>> It seems currently when you "yum update" CentOS 6.6 Xen host you end

There are xen rpms in the testing repos for XSA 207 and 208 in the testing repos (xen-4.4.4-18.el6, xen-4.6.3-7.el6, xen-4.6.3-7.el7). You can enable the applicable centos-virt-xen-testing repo in your /etc/yum.repos.d/CentOS-Xen.repo file. Please report positive and negative tests to this list so we can promote the updates to the main repos. Thanks, Johnny Hughes -------------- next part

Given the circumstances, might it make sense to offer formal advisories of some type for these to indicate when the packages going to live are for security or other reasons? On 02/17/2017 09:51 AM, Johnny Hughes wrote: > These updates have now been pushed to mirror.centos.org and you can get > them from the main repos. > > On 02/15/2017 08:27 AM, Johnny Hughes wrote: >> There

Hello, According to Xen4Centos wiki, Xen bugs should be reported by bugs.centos.org, Centos-6 => Xen4 project. I have reported a bug with initscripts locking in xen-runtime-4.6-6 https://bugs.centos.org/view.php?id=10807 Meanwhile, new xen-runtime-4.6-7 has been issued (in testing repo), and this bug is still present. Does anybody handle these bugs in bugs.centos.org, or should I report it

On Tue, Jan 06, 2015 at 12:23:28PM -0600, Johnny Hughes wrote: > > > > I am doing a newer: > > > > 1. kernel from kernel.org (3.10.63), also the e1000e kernel module for that. > > > > 2. libvirt rolling in the last patch in this tree: > > http://libvirt.org/git/?p=libvirt.git;a=shortlog;h=refs/heads/v0.10.2-maint > > > > 3. newer xen-4.2.5

On Tue, Jan 06, 2015 at 08:47:14PM +0200, Pasi K?rkk?inen wrote: > On Tue, Jan 06, 2015 at 12:23:28PM -0600, Johnny Hughes wrote: > > > > > > I am doing a newer: > > > > > > 1. kernel from kernel.org (3.10.63), also the e1000e kernel module for that. > > > > > > 2. libvirt rolling in the last patch in this tree: > > >

Hi all, Following instructions at http://wiki.centos.org/QaWiki/Xen4 to setup Xen on CentOS 6.4. Unfortunately after installing Xen and modifying the boot line there is a kernel panic during the boot process causing the host to enter a reboot loop. Console log attached. [<ffffffff81575480>] panic+0xc4/0x1e1 [<ffffffff81054836>] find_new_reaper+0x176/0x180

Hello, Are XSA-289 and XSA-274/CVE-2018-14678 fixed with Xen recent 4.8, 4.10 and kernel 4.9.177 packages ? Thank you

Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > Source: xen > Version: 4.4.1-9 > Severity: important > Tags: security upstream fixed-upstream > > See > https://xenbits.xen.org/xsa/advisory-213.html Ian Jackson writes ("grant transfer allows PV guest to elevate privileges [XSA-214]"): > Source: xen > Version: 4.4.1-9 > Severity:

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > Should I put jessie-security in the debian/changelog and dgit push it > > (ie, from many people's pov, dput it) ? > > Yes, the distribution line should be jessie-security, but please send > a

Dear Security Team, I have prepared a new upload addressing a number of open security issues in Xen. Due to the complexity of the patches that address XSA-273 [0] the packages have been built from upstream's staging-4.8 / staging-4.10 branch again as recommended in that advisory. Commits on those branches are restricted to those that address the following XSAs (cf. [1]): - XSA-273