ubuntu/+source/xen:ubuntu/disco

Last commit made on 2018-05-03
Get this branch:
git clone -b ubuntu/disco https://git.launchpad.net/ubuntu/+source/xen
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/disco
Repository:
lp:ubuntu/+source/xen

Recent commits

bdebf52... by Matthias Klose on 2018-05-03

Import patches-unapplied version 4.9.2-0ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ecfa33fc1861e429ea08d7c3f9d01982c49a63e7

New changelog entries:
  * No-change rebuild for ncurses soname changes.

ecfa33f... by Stefan Bader on 2018-04-12

Import patches-unapplied version 4.9.2-0ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 74cdf5ebbe05e38983f23bbe03a2c769e473c42d

New changelog entries:
  * Update to upstream 4.9.2 release (LP: #1763354).
    Changes include numerous bugfixes, including security fixes/updates.
    4.9.0 -> 4.9.1:
    - XSA-226 / CVE-2017-12135 (replacement)
    - XSA-227 / CVE-2017-12137 (replacement)
    - XSA-228 / CVE-2017-12136 (replacement)
    - XSA-230 / CVE-2017-12855 (replacement)
    - XSA-231 / CVE-2017-14316 (replacement)
    - XSA-232 / CVE-2017-14318 (replacement)
    - XSA-233 / CVE-2017-14317 (replacement)
    - XSA-234 / CVE-2017-14319 (replacement)
    - XSA-235 / CVE-2017-15596 (replacement)
    - XSA-236 / CVE-2017-15597 (new)
    - XSA-237 / CVE-2017-15590 (replacement)
    - XSA-238 / CVE-2017-15591 (replacement)
    - XSA-239 / CVE-2017-15589 (replacement)
    - XSA-240 / CVE-2017-15595 (update)
    - XSA-241 / CVE-2017-15588 (replacement)
    - XSA-242 / CVE-2017-15593 (replacement)
    - XSA-243 / CVE-2017-15592 (replacement)
    - XSA-244 / CVE-2017-15594 (replacement)
    - XSA-245 / CVE-2017-17046 (replacement)
    4.9.1 -> 4.9.2:
    - XSA-246 / CVE-2017-17044 (new)
    - XSA-247 / CVE-2017-17045 (new)
    - XSA-248 / CVE-2017-17566 (new)
    - XSA-249 / CVE-2017-17563 (new)
    - XSA-250 / CVE-2017-17564 (new)
    - XSA-251 / CVE-2017-17565 (new)
    - XSA-252 / CVE-2018-7540 (new)
    - XSA-254 / CVE-2017-5754 (new / XPTI Meltdown mitigation)
    - XSA-255 / CVE-2018-7541 (new)
    - XSA-256 / CVE-2018-7542 (new)
  * Dropped:
    d/p/ubuntu/tools-fix-ftbs-arm.patch (upstream)

74cdf5e... by Dimitri John Ledkov on 2018-04-06

Import patches-unapplied version 4.9.0-0ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 5b089d55a6afa2ff75c1c849dda0fe2b36df4f8b

New changelog entries:
  * Compile and ship vhd-util.
  * Add dh-python to build-depends.

5b089d5... by Stefan Bader on 2017-10-10

Import patches-unapplied version 4.9.0-0ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: d382394889922fef2ab4e96bc5bd13c1badf4e7a

New changelog entries:
  * Applying Xen Security Advisories:
    - CVE-2017-12135 / XSA-226
      - Revert: grant_table: Default to v1, and disallow transitive grants
      - gnttab: don't use possibly unbounded tail calls
      - gnttab: fix transitive grant handling
    - CVE-2017-14316 / XSA-231
      - xen/mm: make sure node is less than MAX_NUMNODES
    - CVE-2017-14318 / XSA-232
      - grant_table: fix GNTTABOP_cache_flush handling
    - CVE-2017-14317 / XSA-233
      - tools/xenstore: dont unlink connection object twice
    - CVE-2017-14319 / XSA-234
      - gnttab: also validate PTE permissions upon destroy/replace
    - XSA-235
      - arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
    - XSA-237
      - x86: don't allow MSI pIRQ mapping on unowned device
      - x86: enforce proper privilege when (un)mapping pIRQ-s
      - x86/MSI: disallow redundant enabling
      - x86/IRQ: conditionally preserve irq <-> pirq mapping on map error paths
      - x86/FLASK: fix unmap-domain-IRQ XSM hook
    - XSA-238
      - x86/ioreq server: correctly handle bogus
        XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
    - XSA-239
      - x86/HVM: prefill partially used variable on emulation paths
    - XSA-240
      - x86: limit linear page table use to a single level
      - x86/mm: Disable PV linear pagetables by default
    - XSA-241
      - x86: don't store possibly stale TLB flush time stamp
    - XSA-242
      - x86: don't allow page_unlock() to drop the last type reference
    - XSA-243
      - x86/shadow: Don't create self-linear shadow mappings for 4-level
        translated guests
    - XSA-244
      - x86/cpu: Fix IST handling during PCPU bringup
    - XSA-245
      - xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
      - xen/arm: Correctly report the memory region in the dummy NUMA helpers

d382394... by Stefan Bader on 2017-08-18

Import patches-unapplied version 4.9.0-0ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: ea1a48ce297cde06b225387861047711ad320621

New changelog entries:
  * Add libxendevicemodel references to d/libxen-dev.install

ea1a48c... by Stefan Bader on 2017-08-17

Import patches-unapplied version 4.9.0-0ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 24e5e9e766ba2738ab4b9b6f385d8193568353cc

New changelog entries:
  * Update to upstream 4.9.0 release.
    Changes include numerous bugfixes, including security fixes for:
    XSA-213 / CVE-2017-8903
    XSA-214 / CVE-2017-8904
    XSA-217 / CVE-2017-10912
    XSA-218 / CVE-2017-10913, CVE-2017-10914
    XSA-219 / CVE-2017-10915
    XSA-220 / CVE-2017-10916
    XSA-221 / CVE-2017-10917
    XSA-222 / CVE-2017-10918
    XSA-223 / CVE-2017-10919
    XSA-224 / CVE-2017-10920, CVE-2017-10921, CVE-2017-10922
    XSA-225 / CVE-2017-10923
  * Additional CVE's:
    - XSA-226 / CVE-2017-12135
    - XSA-227 / CVE-2017-12137
    - XSA-228 / CVE-2017-12136
    - XSA-230 / CVE-2017-12855
  * Additional fixes:
    - debian/rules.real:
      - Add a call to build common tool headers
      - Add a call to install common tool headers
    - Add checking of return values of asprintf calls.
      - d/p/ubuntu/tools-xs-test-hardening.patch
    - Add additional modifications for new libxendevicemodel
      - d/p/ubuntu/tools-libs-abiname.diff
    - Fix a segmentation fault when mmio_hole is set in hvm.cfg (from 4.9.y)
      - d/p/upstream-4.9.1-tools-libxl-Fix-a-segment-fault-when-mmio_hole...
    - Enable Local MCE feature
      - d/p/.../0001-x86-mce-make-mce-barriers-private-to-their-users.patch
      - d/p/.../0002-x86-mce-make-found_error-and-mce_fatal_cpus-private-.patch
      - d/p/.../0003-x86-mce-fix-comment-of-struct-mc_telem_cpu_ctl.patch
      - d/p/.../0004-x86-mce-allow-mce_barrier_-enter-exit-to-return-with.patch
      - d/p/.../0005-x86-mce-handle-host-LMCE.patch
      - d/p/.../0006-x86-mce_intel-detect-and-enable-LMCE-on-Intel-host.patch
      - d/p/.../0007-x86-domctl-generalize-the-restore-of-vMCE-parameters.patch
      - d/p/.../0008-x86-vmce-emulate-MSR_IA32_MCG_EXT_CTL.patch
      - d/p/.../0009-x86-vmce-enable-injecting-LMCE-to-guest-on-Intel-hos.patch
      - d/p/.../0010-x86-vmx-expose-LMCE-feature-via-guest-MSR_IA32_FEATU.patch
      - d/p/.../0011-x86-vmce-tools-libxl-expose-LMCE-capability-in-guest.patch
      - d/p/.../0012-x86-mce-add-support-of-vLMCE-injection-to-XEN_MC_inj.patch
    - Re-introduce (fake) xs_restrict call to keep libxenstore version at
      3.0 for now.
      - d/p/ubuntu/tools-fake-xs-restrict.patch
    - debian/libxenstore3.0.symbols:
      - Added xs_control_command
    - xen-4.9.0/debian/xen-hypervisor-4.9.xen.cfg:
      - Modified GRUB_DEFAULT setting to be dynamic (like update-grub does)
        which should handle non English environments (LP: #1321144)

24e5e9e... by Ian Jackson <email address hidden> on 2017-05-02

Import patches-unapplied version 4.8.1-1+deb9u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 96a3f91495abd3ebb9f2bcaba7c3a6664b57c667

New changelog entries:
  * Security fixes for XSA-213 (Closes:#861659) and XSA-214
    (Closes:#861660). (Xen 4.7 and later is not affected by XSA-215.)

96a3f91... by Ian Jackson <email address hidden> on 2017-04-18

Import patches-unapplied version 4.8.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 451bcaa74f430bcdac2709fb4edc563d5e6de48e

New changelog entries:
  * Update to upstream 4.8.1 release.
    Changes include numerous bugfixes, including security fixes for:
      XSA-212 / CVE-2017-7228 Closes:#859560
      XSA-207 / no cve yet Closes:#856229
      XSA-206 / no cve yet no Debian bug

451bcaa... by Ian Jackson <email address hidden> on 2017-01-23

Import patches-unapplied version 4.8.1~pre.2017.01.23-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: de88f23aef33fe9959ae1200841003ba24c68df6

New changelog entries:
  * Update to current upstream stable-4.8 git branch (Xen 4.8.1-pre).
    Contains bugfixes.
  * debian/control-real etc.: debian.py: Allow version numbers like this.

de88f23... by Ian Jackson <email address hidden> on 2016-12-22

Import patches-unapplied version 4.8.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 055dfce789cbccde9477fcc8bc6e36e2caa62efc

New changelog entries:
  * Update to upstream Xen 4.8.0.
    Includes the following security fixes:
        XSA-201 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
        XSA-198 CVE-2016-9379 CVE-2016-9380
        XSA-196 CVE-2016-9378 CVE-2016-9377 Closes:#845669
        XSA-195 CVE-2016-9383
        XSA-194 CVE-2016-9384 Closes:#845667
        XSA-193 CVE-2016-9385
        XSA-192 CVE-2016-9382
        XSA-191 CVE-2016-9386
    Includes other bugfixes too:
        Closes:#812166, Closes:#818525.
  Cherry picks from upstream:
  * Security fixes:
        XSA-204 CVE-2016-10013 Closes:#848713
        XSA-203 CVE-2016-10025
        XSA-202 CVE-2016-10024
    For completeness, the following XSAs do not apply here:
        XSA-197 CVE-2016-9381 Bug is in qemu
        XSA-199 CVE-2016-9637 Bug is in qemu
        XSA-200 CVE-2016-9932 Xen 4.8 is not affected
  * Cherry pick a build failure fix:
      "x86/emul: add likely()/unlikely() to test harness"
  [ Ian Jackson ]
  * Drop -lcrypto search from upstream configure, and from our
    Build-Depends. Closes:#844419.
  * Change my own email address to my work (Citrix) address. When
    uploading, I will swap hats to effectively sponsor my own upload.
  [ Ian Campbell ]
  * Start a qemu process in dom0 to service the toolstacks loopback disk
    attaches. (Closes: #770456)
  * Remove correct pidfile when stopping xenconsoled.
  * Check that xenstored has actually started before talking to it.
    Incorporate a timeout so as not to block boot (Mitigates #737613)
  * Correct syntax error in xen-init-list when running with xend
    (Closes: #763102)
  * Apply SELinux labels to directories created by initscripts. Patch from
    Russell Coker. (Closes: #764912)
  * Include a reportbug control file to redirect bugs to src:xen for
    packages which contain the Xen version in the name. Closes:#796370.
  [ Lubomir Host ]
  * Fix xen-init-name to not fail looking for a nonexistent 'config'
    entry in xl's JSON output. Closes:#818129.