All,
I am pleased to announce the release of Xen 4.1.5. This is
available immediately from its git repository:
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.1
(tag RELEASE-4.1.5) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/supported-xen-41-series/xen-415.html
This fixes the following critical vulnerabilities:
* CVE-2012-5634 / XSA-33:
VT-d interrupt remapping source validation flaw
* CVE-2013-0153 / XSA-36:
interrupt remap entries shared and old ones not cleared on AMD IOMMUs
* CVE-2013-0215 / XSA-38:
oxenstored incorrect handling of certain Xenbus ring states
* CVE-2013-0215 / XSA-38:
oxenstored incorrect handling of certain Xenbus ring states
* CVE-2012-6075 / XSA-41:
qemu (e1000 device driver): Buffer overflow when processing large packets
* CVE-2013-1917 / XSA-44:
Xen PV DoS vulnerability with SYSENTER
* CVE-2013-1919 / XSA-46:
Several access permission issues with IRQs for unprivileged guests
* CVE-2013-1920 / XSA-47:
Potential use of freed memory in event channel operations
* CVE-2013-1964 / XSA-50:
grant table hypercall acquire/release imbalance
We recommend all users of the 4.1 stable series to update to this
latest point release.
Among many bug fixes and improvements (around 50 since Xen 4.1.4):
* ACPI APEI/ERST finally working on production systems
* Bug fixes for other low level system state handling
* Support for xz compressed Dom0 and DomU kernels
Regards,
Jan