Ubuntu
xen package

[MRE] Rebase Xen-4.4 to upstream stable 4.4.2

Bug #1476666 reported by Stefan Bader on 2015-07-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	xen (Ubuntu)	Invalid	Medium	Unassigned
	Trusty	Fix Released	Medium	Stefan Bader

Bug Description

SRU Justification:

Impact: Upstream Xen has released a stable update to 4.4.2. Since Trusty based on 4.4 it would be gaining us bug fixes without waiting for people to run into them. Like we do with upstream stable on the kernel. Utopic would have been 4.4 based as well but more or less has reached EOL.

Fix: Replaced the orig tarballs with the contents of the upstream stable release. Dropping patches we have picked up already.

Testcase: Basic regression testing after upgrading.

MRE discussion: http://irclogs.ubuntu.com/2013/07/22/%23ubuntu-meeting.html#t20:33

Tags:

CVE References

Revision history for this message

Stefan Bader (smb) wrote on 2015-07-21:

Delta between xen-4.4.1 and 4.4.2 Edit (96.2 KiB, text/plain)

This is the delta between the current Ubuntu 4.4.1 (with all patches applied) and the 4.4.2 (also with all patches applied, excluding ./debian and ./.pc.

Changed in xen (Ubuntu Trusty):
assignee:	nobody → Stefan Bader (smb)
importance:	Undecided → Medium
status:	New → In Progress
Changed in xen (Ubuntu):
assignee:	Stefan Bader (smb) → nobody
status:	New → Invalid

Revision history for this message

Stefan Bader (smb) wrote on 2015-07-22:

Regression test report (Intel CPU) Edit (2.1 KiB, text/plain)

Except the one failure in dom0 (which is a known problem with the test itself) all tests were ok.

Revision history for this message

Stefan Bader (smb) wrote on 2015-07-22:

Regression test report (AMD CPU) Edit (2.1 KiB, text/plain)

All tests completed ok.

Revision history for this message

Chris J Arges (arges) wrote on 2015-08-12: Please test proposed package

Hello Stefan, or anyone else affected,

Accepted xen into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/xen/4.4.2-0ubuntu0.14.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in xen (Ubuntu Trusty):
status:	In Progress → Fix Committed
tags:	added: verification-needed

Revision history for this message

Stefan Bader (smb) wrote on 2015-08-14:

Re-ran the testing with the proposed build re-installed: same results.

tags:

added: verification-done
removed: verification-needed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2015-08-20:

This bug was fixed in the package xen - 4.4.2-0ubuntu0.14.04.1

---------------
xen (4.4.2-0ubuntu0.14.04.1) trusty; urgency=low

  * Updating to lastest upstream stable release 4.4.2 (LP: #1476666)
    - Replacing the following security changes by upstream versions:
      * CVE-2014-5146, CVE-2014-5149 / XSA-97,
        CVE-2014-3969, CVE-2015-2290 / XSA-98 (additional fix),
        CVE-2014-7154 / XSA-104, CVE-2014-7155 / XSA-105,
        CVE-2014-7156 / XSA-106, CVE-2014-6268 / XSA-107,
        CVE-2014-7188 / XSA-108, CVE-2014-8594 / XSA-109,
        CVE-2014-8595 / XSA-110, CVE-2014-8866 / XSA-111,
        CVE-2014-8867 / XSA-112, CVE-2014-9030 / XSA-113,
        CVE-2014-9065, CVE-2014-9066 / XSA-114,
        CVE-2015-0361 / XSA-116, CVE-2015-1563 / XSA-118,
        CVE-2015-2152 / XSA-119, CVE-2015-2044 / XSA-121,
        CVE-2015-2045 / XSA-122, CVE-2015-2151 / XSA-123
  * Refreshed d/p/version.patch to fix some fuzz when applying. No
    functional change.

-- Stefan Bader <email address hidden> Mon, 20 Jul 2015 11:34:38 +0200

Changed in xen (Ubuntu Trusty):
status:	Fix Committed → Fix Released

Revision history for this message

Brian Murray (brian-murray) wrote on 2015-08-20: Update Released

The verification of the Stable Release Update for xen has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.