[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-announce] Xen 4.1.5 released


  • To: xen-announce@xxxxxxxxxxxxx
  • From: Lars Kurth <lars.kurth@xxxxxxx>
  • Date: Thu, 25 Apr 2013 11:42:29 +0100
  • Delivery-date: Thu, 25 Apr 2013 10:45:13 +0000
  • List-id: "Xen announcements \(low volume\)" <xen-announce.lists.xen.org>




-------- Original Message --------
Subject: [Xen-devel] [ANNOUNCE] Xen 4.1.5 released
Date: Thu, 25 Apr 2013 10:56:52 +0100
From: Jan Beulich <JBeulich@xxxxxxxx>
To: xen-devel <xen-devel@xxxxxxxxxxxxx>


All,

I am pleased to announce the release of Xen 4.1.5. This is
available immediately from its git repository:
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.1
(tag RELEASE-4.1.5) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/supported-xen-41-series/xen-415.html

This fixes the following critical vulnerabilities:
 * CVE-2012-5634 / XSA-33:
    VT-d interrupt remapping source validation flaw
 * CVE-2013-0153 / XSA-36:
    interrupt remap entries shared and old ones not cleared on AMD IOMMUs
 * CVE-2013-0215 / XSA-38:
    oxenstored incorrect handling of certain Xenbus ring states
 * CVE-2012-6075 / XSA-41:
    qemu (e1000 device driver): Buffer overflow when processing large packets
 * CVE-2013-1917 / XSA-44:
    Xen PV DoS vulnerability with SYSENTER
 * CVE-2013-1919 / XSA-46:
    Several access permission issues with IRQs for unprivileged guests
 * CVE-2013-1920 / XSA-47:
    Potential use of freed memory in event channel operations
 * CVE-2013-1964 / XSA-50:
    grant table hypercall acquire/release imbalance

We recommend all users of the 4.1 stable series to update to this
latest point release.

Among many bug fixes and improvements (around 50 since Xen 4.1.4):
 * ACPI APEI/ERST finally working on production systems
 * Bug fixes for other low level system state handling
 * Support for xz compressed Dom0 and DomU kernels

Regards,
Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel




_______________________________________________
Xen-announce mailing list
Xen-announce@xxxxxxxxxxxxx
http://lists.xen.org/xen-announce

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.