ubuntu/+source/xen:applied/debian/experimental

Last commit made on 2018-09-12
Get this branch:
git clone -b applied/debian/experimental https://git.launchpad.net/ubuntu/+source/xen
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/experimental
Repository:
lp:ubuntu/+source/xen

Recent commits

c132ce5... by Hans van Kranenburg on 2018-09-11

Import patches-applied version 4.11.1~pre.20180911.5acdd26fdc+dfsg-1~exp1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: 5907bf887df27a51cf6228e2bb473a389dec30b0
Unapplied parent: 7a9f512c83dbf118dff60e692d10ef6c3723c0ce

New changelog entries:
  * Update to new upstream version 4.11.1~pre.20180911.5acdd26fdc+dfsg.
  * Remove stubdom/grub.patches/00cvs from the upstream source because it's
    not DFSG compliant. (license-problem-gfdl-invariants)
  * Override statically-linked-binary lintian error about
    usr/lib/xen-4.11/boot/xen-shim
  [ Hans van Kranenburg ]
  * Update to 4.11.1-pre commit 733450b39b, which also contains:
    - Additional fix for: Unlimited recursion in linear pagetable de-typing
      XSA-240 CVE-2017-15595 (listed as xsa240-4.8/0004)
    - Fix x86 PV guests may gain access to internally used pages
      XSA-248 CVE-2017-17566
    - Fix broken x86 shadow mode refcount overflow check
      XSA-249 CVE-2017-17563
    - Fix improper x86 shadow mode refcount error handling
      XSA-250 CVE-2017-17564
    - Fix improper bug check in x86 log-dirty handling
      XSA-251 CVE-2017-17565
    - Fix: DoS via non-preemptable L3/L4 pagetable freeing
      XSA-252 CVE-2018-7540
    - Fix x86: memory leak with MSR emulation
      XSA-253 CVE-2018-5244
    - Multiple parts of fixes for...
      Information leak via side effects of speculative execution
      XSA-254 CVE-2017-5753 CVE-2017-5715 CVE-2017-5754
      - XPTI stage 1 a.k.a. 'Meltdown band-aid', XPTI-S1 or XPTI-lite
      - Branch predictor hardening for ARM CPUs
      - Support compiling with indirect branch thunks (e.g. retpoline)
      - Report details of speculative mitigations in boot logging
    - Fix: grant table v2 -> v1 transition may crash Xen
      XSA-255 CVE-2018-7541
    - Fix: x86 PVH guest without LAPIC may DoS the host
      XSA-256 CVE-2018-7542
    - The "Comet" shim, which can be used as a mitigation for Meltdown to
      shield the hypervisor against 64-bit PV guests.
    - Fix: Information leak via crafted user-supplied CDROM
      XSA-258 CVE-2018-10472
    - Fix: x86: PV guest may crash Xen with XPTI
      XSA-259 CVE-2018-10471
    - Fix: x86: mishandling of debug exceptions
      XSA-260 CVE-2018-8897
    - Fix: x86 vHPET interrupt injection errors
      XSA-261 CVE-2018-10982
    - Fix: qemu may drive Xen into unbounded loop
      XSA-262 CVE-2018-10981
    - Fix: Speculative Store Bypass
      XSA-263 CVE-2018-3639
    - Fix: preemption checks bypassed in x86 PV MM handling
      XSA-264 CVE-2018-12891
    - Fix: x86: #DB exception safety check can be triggered by a guest
      XSA-265 CVE-2018-12893
    - Fix: libxl fails to honour readonly flag on HVM emulated SCSI disks
      XSA-266 CVE-2018-12892
    - Fix: Speculative register leakage from lazy FPU context switching
      XSA-267 CVE-2018-3665
    - Fix: Use of v2 grant tables may cause crash on ARM
      XSA-268 CVE-2018-15469
    - Fix: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
      XSA-269 CVE-2018-15468
    - Fix: oxenstored does not apply quota-maxentity
      XSA-272 CVE-2018-15470
    - Fix: L1 Terminal Fault speculative side channel
      XSA-273 CVE-2018-3620
  * Merge changes for 4.9 from the ubuntu packaging (thanks, Stefan Bader):
    - Rebase patches against upstream source (line numbers etc).
    - debian/rules.real:
      - Add a call to build common tool headers.
      - Add a call to install common tool headers.
    - debian/libxen-dev.install, d/p/ubuntu-tools-libs-abiname.diff:
      - Add additional modifications for new libxendevicemodel.
    - debian/patches/tools-fake-xs-restrict.patch:
      - Re-introduce (fake) xs_restrict call to keep libxenstore version at
        3.0 for now.
    - debian/libxenstore3.0.symbols: add xs_control_command
  * Rebase patches against 4.10 upstream source.
  * Rebase patches against 4.11 upstream source.
  * Add README.source.md to document how the packaging works.
  * This package builds correctly with gcc 7. (Closes: #853710)
  * Fix grub config file conflict when upgrading from Stretch. (Closes: #852545)
  * Init scripts: Do not kill per-domain qemu processes. (Closes: #879751)
  * debian/patches: Fix "'vwprintw' is deprecated" gcc 8 compilation error
  [ Mark Pryor ]
  * Fix shared library build dependencies for the new xentoolcore library.
  [ John Keates ]
  * Enable OVMF (Closes: #858962)

7a9f512... by Hans van Kranenburg on 2018-09-11

tools/xentop : replace use of deprecated vwprintw

Gbp-Pq: misc/tools-xentop-replace-use-of-deprecated-vwprintw.patch.

dc102d0... by Hans van Kranenburg on 2018-09-11

tools-fake-xs-restrict

Gbp-Pq: xenstore/tools-fake-xs-restrict.patch.

9456428... by Hans van Kranenburg on 2018-09-11

tools-xenstore-compatibility.diff

Gbp-Pq: xenstore/tools-xenstore-compatibility.diff.

cea8c43... by Hans van Kranenburg on 2018-09-11

tools/tests/x86_emulator: Pass -no-pie -fno-pic to gcc on x86_32

Gbp-Pq: misc/toolstestsx86_emulator-pass--no-pie--fno.patch.

08ecaa2... by Hans van Kranenburg on 2018-09-11

Remove static solaris support from pygrub

Gbp-Pq: misc/tools-pygrub-remove-static-solaris-support.

6b97e26... by Hans van Kranenburg on 2018-09-11

tools-xenmon-install.diff

Gbp-Pq: misc/tools-xenmon-install.diff.

9f46464... by Hans van Kranenburg on 2018-09-11

tools-include-install.diff

Gbp-Pq: misc/tools-include-install.diff.

520f3b8... by Hans van Kranenburg on 2018-09-11

tools-xentoolcore-abiname

Gbp-Pq: prefix-abiname/tools-xentoolcore-abiname.patch.

b63c5a9... by Hans van Kranenburg on 2018-09-11

ubuntu-tools-libs-abiname

Gbp-Pq: prefix-abiname/ubuntu-tools-libs-abiname.diff.