[ubuntu/kinetic-proposed] xen 4.16.1-1 (Accepted)

Christian Ehrhardt  christian.ehrhardt at canonical.com
Wed Jul 20 06:52:58 UTC 2022 

xen (4.16.1-1) unstable; urgency=medium

  * Update to new upstream version 4.16.1, which also contains security fixes
    for the following issues:
    - Racy interactions between dirty vram tracking and paging log dirty
      hypercalls
      XSA-397 CVE-2022-26356
    - Multiple speculative security issues
      XSA-398 (no CVE yet)
    - race in VT-d domain ID cleanup
      XSA-399 CVE-2022-26357
    - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
      XSA-400 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
  * Note that the following XSA are not listed, because...
    - XSA-396 has patches for the Linux kernel.
  * Don't ship NEWS in libxen* packages. Instead, only ship relevant NEWS
    items for actual hypervisor and/or utils packages they belong to.
    (Closes: #962267)
  * d/control: make xen-hypervisor-common arch specific, just like
    xen-utils-common.
  * d/control: stop recommending qemu-system-x86 on arm, because qemu is not
    being built with xen support on arm...
  * Add a patch for tools/libs/light/Makefile which prevents build.o and
    build.opic to be rebuilt unneededly during the package install phase,
    causing a FTBFS because it triggers the use of ccache, which is not
    allowed in the install phase of building the Debian packages.

  Improvements related to Qemu integration:  [Michael Tokarev]
  * d/xen-utils-common.xen.init: properly disable qemu monitor/serial/parallel
    devices for qemu started at boot.
  * debian: switch from recommending qemu-system-x86 to qemu-system-xen and
    mention this change in the NEWS file.
  * Add patch "give meaningful error message if qemu device model is
    unavailable" to give a useful error message only in case the domU needs
    the qemu device model which is not installed, instead of giving a warning
    about missing qemu even if it is not used by this domain.

  Documentation, grammar and spelling fixes and improvements:
  * d/control: drop obsolete paragraph about separate xen linux kernel package
  * d/control: Harmonize the capitalization of the 'Xen' word  [Diederik de Haas]
  * d/control: Improve spelling and grammar  [Diederik de Haas]`

Date: 2022-05-10 04:42:07.766305+00:00
Signed-By: Christian Ehrhardt  <christian.ehrhardt at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.16.1-1
-------------- next part --------------
Sorry, changesfile not available.

More information about the kinetic-changes mailing list