similar to: Updated Xen packages available

Displaying 20 results from an estimated 20000 matches similar to: "Updated Xen packages available"

2016 Feb 17
0
XSAs 170 and 154, repository layouts, and centos-release-xen 8-1
On Wed, Feb 17, 2016 at 12:30 PM, George Dunlap <dunlapg at umich.edu> wrote: > I have the following packages going through the CBS: > * A CentOS 7 xen-4.6.1-2, with XSAs 170 and 154 > * A CentOS 6 xen-4.6.1-2, with XSAs 170 and 154 > * A CentOS 6 xen-4.4.3-11, with XSAs 170 > > All these should show up in mirrors hopefully sometime later today. > As usual, please report
2016 Feb 17
8
XSAs 170 and 154, repository layouts, and centos-release-xen 8-1
I have the following packages going through the CBS: * A CentOS 7 xen-4.6.1-2, with XSAs 170 and 154 * A CentOS 6 xen-4.6.1-2, with XSAs 170 and 154 * A CentOS 6 xen-4.4.3-11, with XSAs 170 All these should show up in mirrors hopefully sometime later today. As usual, please report any problems here. Xen 4.4 only has XSA 170 because at the time the embargo was lifted, I didn't have a suitable
2016 Jan 13
1
CentOS 6 Xen: XSAs 167-169, update to Xen 4.6
XSA 169 is out, but is low-priority and has a work-around, so I'm going to batch it together with XSAs 167-168 and release a new 4.4.3 package when the embargo is lifted next Wednesday. This will be the last XSA update for the 4.4.3 packages. Today or tomorrow I will push the Xen 4.6.0 packages to buildlogs for testing; and sometime after the final 4.4.3 packages are released, I will push
2015 Jun 10
0
XSAs 134, 135, and 136
Just to let people know what's going on: The embargo for XSA-135 lifted today at 1400 UTC. The embargoes for XSAs 134 and 136 lift tomorrow at 1200 UTC. XSA-135 only affects guests which have been assigned a PCNET emulated NIC, which is not the default; as such, it doesn't seem terribly urgent to push the fix today. So rather than push one fix today and another tomorrow, our plan is
2012 Dec 03
0
Uncontrolled disclosure of advisories XSA-26 to XSA-32
We just sent the message below to the security advisory predisclosure list, relating to the release of XSA-26 to XSA-32. As you will see, these have now been publicly released. We''ll have a proper conversation about this in a week or two. Thanks for your attention, Ian. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We regret to announce that a member of the predisclosure list
2018 Jan 17
4
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
I've built & tagged packages for CentOS 6 and 7 4.6.6-9, with XPTI "stage 1" Meltdown mitigation. This will allow 64-bit PV guests to run safely (with a few caveats), but incurs a fairly significant slowdown for 64-bit PV guests on Intel boxes (including domain 0). If you prefer using Vixen / Comet, you can turn it off by adding 'xpti=0' to your Xen command-line.
2018 Jan 18
0
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
Thanks George. As there are now quite many options to choose from, what would be the best option performance wise for running 32bit domUs under xen-4.6? Best, Peter On Wed, Jan 17, 2018 at 7:14 PM, George Dunlap <dunlapg at umich.edu> wrote: > I've built & tagged packages for CentOS 6 and 7 4.6.6-9, with XPTI > "stage 1" Meltdown mitigation. > > This will
2015 Nov 19
3
CentOS 6 Xen package update (including XSA-156)
On Wed, Nov 18, 2015 at 1:31 PM, Pasi K?rkk?inen <pasik at iki.fi> wrote: > On Wed, Nov 18, 2015 at 02:20:49PM +0200, Manuel Wolfshant wrote: >> On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: >> >Hello, >> > >> >On Sun, Nov 15, 2015 at 06:42:18PM +0200, Pasi K?rkk?inen wrote: >> >>On Sun, Nov 15, 2015 at 02:04:58PM +0200, Pasi K?rkk?inen wrote:
2014 Jul 07
2
Xen 4.4.1-rc1+ rebase
I've got a first cut of the rebase here: git://github.com/gwd/sig-virt-xen out/update-4.4.1-rc1-ee81dda-RFC To build it, you'll need to download the polarssl tarball: http://xenbits.xen.org/xen-extfiles/polarssl-1.1.4-gpl.tgz And you'll need a tarball based on (unfortunately) a private tree, which you can find here: git://github.com/gwd/xen base/update-4.4.1-rc1-ee81dda-RFC This
2015 Nov 25
0
CentOS 6 Xen package update (including XSA-156)
On Thu, Nov 19, 2015 at 12:28 PM, George Dunlap <dunlapg at umich.edu> wrote: > On Wed, Nov 18, 2015 at 1:31 PM, Pasi K?rkk?inen <pasik at iki.fi> wrote: >> On Wed, Nov 18, 2015 at 02:20:49PM +0200, Manuel Wolfshant wrote: >>> On 11/18/2015 02:08 PM, Pasi K?rkk?inen wrote: >>> >Hello, >>> > >>> >On Sun, Nov 15, 2015 at 06:42:18PM
2018 Jan 16
1
"Vixen" HVM shim package available in virt-xen-testing
To install the package: yum --enablerepo=virt-xen-VV-testing xen-vixen Where VV is '44', '46', or '48', depending on which version you're using. (It's the same package for all versions.) This will install the xen-vixen "shim" binary, as well as the pvshim-converter script. See XSA-254 [1] for detailed information about who should use it, why, and
2017 Sep 07
2
Updated Xen packages for XSA 216..225
(*Really* switching to my personal address not because I'm not doing work for Citrix, but because the corporate email is not working properly. Sigh. Also, email updated a bit.) Ian Jackson writes ("Re: Updated Xen packages for XSA 216..225"): > Ian Jackson writes ("Re: Updated Xen packages for XSA 216..225"): > > Hi. I was away and am now back. There are a lot
2015 Apr 23
3
Xen 4.4.2 (with XSA-132) in virt6-testing
I've got Xen 4.4.2 in virt6-testing. I haven't had a chance to test it, and won't for another week or two; but if some volunteers can put it through its paces, I can ask Johnny to push it to the public repo sometome early next week. Thanks, -George
2012 Nov 13
0
Xen Security Advisory 25 (CVE-2012-4544, CVE-2012-2625) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544,CVE-2012-2625 / XSA-25 version 2 Xen domain builder Out-of-memory due to malicious kernel/ramdisk UPDATES IN VERSION 2 ==================== Clarify that XSA-25 is reporting, via the Xen.org security process, both CVE-2012-4544 and CVE-2012-2625. Also we would like to
2015 Dec 08
1
Xen build with XSAs through 163 in progress
Just a heads-up: A Xen package with XSAs through 163 is on its way through the build system. I'll send an announcement when I've tagged it as ready to be propagated to the mirrors. As with the last XSA update, it will depend on having manually updated to the new Virt SIG repository layout. If you haven't already please run the following in preparation: yum install
2012 Sep 06
0
Bug#686848: CVE-2007-0998: Qemu monitor can be used to access host resources
Package: xen-qemu-dm-4.0 Version: 4.0.1-2+squeeze1 Severity: grave Tags: squeeze Copying the Xen Security Advisory: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-19 guest administrator can access qemu monitor console ISSUE DESCRIPTION ================= A guest administrator who is granted access to the graphical console of a Xen guest can
2012 Sep 06
0
Re: [oss-security] Xen Security Advisory 19 - guest administrator can access qemu monitor console
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/06/2012 10:13 AM, Xen.org security team wrote: > Xen Security Advisory XSA-19 > > guest administrator can access qemu monitor console > > > ISSUE DESCRIPTION > ================= > > A guest administrator who is granted access to the graphical console > of a Xen guest can access the qemu
2016 Jan 21
0
CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
Well when the last upgrade 4.2 > 4.4 went live and XM was disabled by default it took many hosts down without warning. 4.4 > 4.6 may cause the same issues. It's a dangerous upgrade for sure. Why can't 4.4 be LTS for C6? as it's the last build with XM. Any XSA patches should not be hard to backport. and maybe the optional xen4.6 for C6. On 21 January 2016 at 13:09, President
2012 Sep 06
1
Fwd: [Xen-announce] Xen Security Advisory 19 - guest administrator can access qemu monitor console
Hi everyone at the security team, I'd like to upload an update of xen-qemu-dm-4.0 in Squeeze. Below is the Xen Security Advisory as I received it, attached is the patch that they provided. Both the debdiff and the updated packages are available in here: http://archive.gplhost.com/pub/security/xen-qemu-dm-4.0/ Please allow me to upload this fix. If you wish, I can prepare a DSA as well (but
2015 May 13
0
Xen Security Advisory 133 (CVE-2015-3456) - Privilege escalation via emulated floppy disk drive
xen-4.4.2-2, available from the virt6-testing repository, includes the fix for this issue. Note that Xen actually does attempt to disable the floppy disk for HVM domains by default, but due to a bug in qemu, the floppy disk only partially disabled; enough functionality to exploit this bug remains. This should be available from the normal xen4 repositories sometime this afternoon. -George