[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [ANNOUNCE] Xen 4.2.5 released

To: <xen-announce@xxxxxxxxxxxxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 03 Sep 2014 08:32:10 +0100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 03 Sep 2014 07:32:18 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

All,

I am pleased to announce the release of Xen 4.2.5. This is
available immediately from its git repository
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.2 
(tag RELEASE-4.2.5) or from the XenProject download page
http://www.xenproject.org/downloads/xen-archives/supported-xen-42-series/xen-425.html
 

Note that this is expected to be the last release of the 4.2 stable
series. The tree will be switched to security only maintenance mode
after this release.

This fixes the following critical vulnerabilities:
 * CVE-2014-2599 / XSA-89
    HVMOP_set_mem_access is not preemptible
 * CVE-2014-3124 / XSA-92
    HVMOP_set_mem_type allows invalid P2M entries to be created
 * CVE-2014-3967,CVE-2014-3968 / XSA-96
    Vulnerabilities in HVM MSI injection
 * CVE-2014-4021 / XSA-100
    Hypervisor heap contents leaked to guests

Apart from those there are many further bug fixes and improvements.

We recommend all users of the 4.2 stable series to update to this
latest point release.

Regards,
Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Prev by Date: [Xen-devel] [ANNOUNCE] Xen 4.3.3 released
Next by Date: [Xen-devel] [PATCH 0/5] Basic guest memory introspection support
Previous by thread: [Xen-devel] [ANNOUNCE] Xen 4.3.3 released
Next by thread: [Xen-devel] [PATCH 0/5] Basic guest memory introspection support
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.