ubuntu/+source/xen:ubuntu/wily-updates

Last commit made on 2016-07-05
Get this branch:
git clone -b ubuntu/wily-updates https://git.launchpad.net/ubuntu/+source/xen
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/wily-updates
Repository:
lp:ubuntu/+source/xen

Recent commits

40dfac8... by Stefan Bader on 2016-06-30

Import patches-unapplied version 4.5.1-0ubuntu1.4 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 8655bdc341658d044fd5c55d12d6524030409f0f

New changelog entries:
  * Applying Xen Security Advisories:
    - CVE-2016-3158, CVE-2016-3159 / XSA-172
      * x86: fix information leak on AMD CPUs
    - CVE-2016-3960 / XSA-173
      * x86: limit GFNs to 32 bits for shadowed superpages.
    - CVE-2016-4962 / XSA-175
      * libxl: Record backend/frontend paths in /libxl/$DOMID
      * libxl: Provide libxl__backendpath_parse_domid
      * libxl: Do not trust frontend in libxl__devices_destroy
      * libxl: Do not trust frontend in libxl__device_nextid
      * libxl: Do not trust frontend for disk eject event
      * libxl: Do not trust frontend for disk in getinfo
      * libxl: Do not trust frontend for vtpm list
      * libxl: Do not trust frontend for vtpm in getinfo
      * libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
      * libxl: Do not trust frontend for nic in getinfo
      * libxl: Do not trust frontend for channel in list
      * libxl: Do not trust frontend for channel in getinfo
      * libxl: Cleanup: Have libxl__alloc_vdev use /libxl
      * libxl: Document ~/serial/ correctly
    - CVE-2016-4480 / XSA-176
      * x86/mm: fully honor PS bits in guest page table walks
    - CVE-2016-4963 / XSA-178
      * libxl: Make copy of every xs backend in /libxl in _generic_add
      * libxl: Do not trust backend in libxl__device_exists
      * libxl: Do not trust backend for vtpm in getinfo (except uuid)
      * libxl: Do not trust backend for vtpm in getinfo (uuid)
      * libxl: cdrom eject and insert: write to /libxl
      * libxl: Do not trust backend for disk eject vdev
      * libxl: Do not trust backend for disk; fix driver domain disks list
      * libxl: Do not trust backend for disk in getinfo
      * libxl: Do not trust backend for cdrom insert
      * libxl: Do not trust backend for channel in getinfo
      * libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
      * libxl: Rename READ_BACKEND to READ_LIBXLDEV
      * libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
      * libxl: Do not trust backend in nic getinfo
      * libxl: Do not trust backend for nic in devid_to_device
      * libxl: Do not trust backend for nic in list
      * libxl: Do not trust backend in channel list
      * libxl: Cleanup: use libxl__backendpath_parse_domid in
               libxl__device_disk_from_xs_be
      * libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
    - CVE-2016-5242 / XSA-181
      * xen/arm: Don't free p2m->first_level in p2m_teardown() before
                 it has been allocated

8655bdc... by Stefan Bader on 2016-02-23

Import patches-unapplied version 4.5.1-0ubuntu1.3 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 7266096be07a24f0e6c0ffd7da5777333a5667c9

New changelog entries:
  * Applying Xen Security Advisories:
    - CVE-2016-2270 / XSA-154
      * x86: enforce consistent cachability of MMIO mappings
    - CVE-2016-1570 / XSA-167
      * x86/mm: PV superpage handling lacks sanity checks
    - CVE-2016-1571 / XSA-168
      * x86/VMX: prevent INVVPID failure due to non-canonical guest address
    - CVE-2015-8615 / XSA-169
      * x86: make debug output consistent in hvm_set_callback_via
    - CVE-2016-2271 / XSA-170
      * x86/VMX: sanitize rIP before re-entering guest

7266096... by Stefan Bader on 2015-12-16

Import patches-unapplied version 4.5.1-0ubuntu1.2 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 3aba3edcde934f010b55b6048f68e52995416535

New changelog entries:
  * Applying Xen Security Advisories:
    - CVE-2015-8550 / XSA-155
      * xen: Add RING_COPY_REQUEST()
      * blktap2: Use RING_COPY_REQUEST
      * libvchan: Read prod/cons only once.
    - CVE-2015-8338 / XSA-158
      * memory: split and tighten maximum order permitted in memops
    - CVE-2015-8339, CVE-2015-8340 / XSA-159
      * memory: fix XENMEM_exchange error handling
    - CVE-2015-8341 / XSA-160
      * libxl: Fix bootloader-related virtual memory leak on pv
        build failure
    - CVE-2015-8555 / XSA-165
      * x86: don't leak ST(n)/XMMn values to domains first using them
    - CVE-2015-???? / XSA-166
      * x86/HVM: avoid reading ioreq state more than once

3aba3ed... by Stefan Bader on 2015-11-03

Import patches-unapplied version 4.5.1-0ubuntu1.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: d9beac0e2f773cc17c9f2fa7eec786252aae03f3

New changelog entries:
  * Applying Xen Security Advisories:
    - CVE-2015-7311 / XSA-142
      * libxl: handle read-only drives with qemu-xen
    - CVE-2015-7812 / XSA-145
      * xen/arm: Support hypercall_create_continuation for multicall
    - CVE-2015-7813 / XSA-146
      * xen: arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.
    - CVE-2015-7814 / XSA-147
      * xen: arm: handle races between relinquish_memory and
        free_domheap_pages
    - CVE-2015-7835 / XSA-148
      * x86: guard against undue super page PTE creation
    - CVE-2015-7969 / XSA-149
      * xen: free domain's vcpu array
    - CVE-2015-7970 / XSA-150
      * x86/PoD: Eager sweep for zeroed pages
    - CVE-2015-7969 / XSA-151
      * xenoprof: free domain's vcpu array
    - CVE-2015-7971 / XSA-152
      * x86: rate-limit logging in do_xen{oprof,pmu}_op()
    - CVE-2015-7972 / XSA-153
      * libxl: adjust PoD target by memory fudge, too
    - CVE-2015-5307 / XSA-156
      * x86/HVM: always intercept #AC and #DB

d9beac0... by Stefan Bader on 2015-09-02

Import patches-unapplied version 4.5.1-0ubuntu1 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 644f68d93f7b4de29c6cdb46d93c65aa4b73832c

New changelog entries:
  * New upstream stable release (4.5.1)
    - Replacing the following security changes by upstream versions:
      * CVE-2014-3969 / XSA-98 (update),
        CVE-2015-0268 / XSA-117, CVE-2015-1563 / XSA-118,
        CVE-2015-2152 / XSA-119, CVE-2015-2044 / XSA-121,
        CVE-2015-2045 / XSA-122, CVE-2015-2151 / XSA-123,
        CVE-2015-2752 / XSA-125, CVE-2015-2751 / XSA-127
    - Included security changes which where not yet applied:
      * CVE-2015-4163 / XSA-134, CVE-2015-4164 / XSA-136
  * Applying additional Xen Security Advisories:
    - CVE-2015-3259 / XSA-137
      * xl: Sane handling of extra config file arguments
    - CVE-2015-6654 / XSA-141
      * xen/arm: mm: Do not dump the p2m when mapping a foreign gfn

644f68d... by Bastian Blank on 2015-05-31

Import patches-unapplied version 4.5.1~rc1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: fce02d9521dc05ff1360d39de95364f98a08d09d

New changelog entries:
  [ Ian Campbell ]
  * Use xen-init-dom0 from initscript when it is available.
  * Install some user facing docs in xen-utils-common. (Closes: #688308)
  [ Bastian Blank ]
  * New upstream release candidate.

fce02d9... by Bastian Blank on 2015-01-21

Import patches-unapplied version 4.5.0-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 2c61b2613b7d3c038eaa32525567699157e0b6bb

New changelog entries:
  [ Ian Campbell ]
  * New upstream release

2c61b26... by Bastian Blank on 2014-12-17

Import patches-unapplied version 4.5.0~rc3-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 714ce9b897bf9f66662990542eee84e62d129d0d

New changelog entries:
  * New upstream release candidate.
  * Re-add xend config.

714ce9b... by Bastian Blank on 2014-12-11

Import patches-unapplied version 4.4.1-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 21293d09213844181c06bad1dd7f11777b77abb3

New changelog entries:
  * Fix starvation of writers in locks.
    CVE-2014-9065

21293d0... by Bastian Blank on 2014-11-30

Import patches-unapplied version 4.4.1-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3c2872dae11ea594b2412c9b9fbac42ed14bb877

New changelog entries:
  * Fix excessive checks of hypercall arguments.
    CVE-2014-8866
  * Fix boundary checks of emulated MMIO access.
    CVE-2014-8867
  * Fix additional memory leaks in xl. (closes: #767295)