- 18 Dec, 2012 40 commits
-
-
Natanael Copa authored
-
Natanael Copa authored
-
Ariadne Conill authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
with forward ported vserver patch
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Alan Messias Cordeiro de Lacerda authored
-
Ariadne Conill authored
-
Roger Pau Monne authored
Excerpt from release notes: This fixes the following critical vulnerabilities: * CVE-2012-4535 / XSA-20: Timer overflow DoS vulnerability * CVE-2012-4537 / XSA-22: Memory mapping failure DoS vulnerability * CVE-2012-4538 / XSA-23: Unhooking empty PAE entries DoS vulnerability * CVE-2012-4539 / XSA-24: Grant table hypercall infinite loop DoS vulnerability * CVE-2012-4544,CVE-2012-2625 / XSA-25: Xen domain builder Out-of-memory due to malicious kernel/ramdisk * CVE-2012-5510 / XSA-26: Grant table version switch list corruption vulnerability * CVE-2012-5511 / XSA-27: several HVM operations do not validate the range of their inputs * CVE-2012-5513 / XSA-29: XENMEM_exchange may overwrite hypervisor memory * CVE-2012-5514 / XSA-30: Broken error handling in guest_physmap_mark_populate_on_demand() * CVE-2012-5515 / XSA-31: Several memory hypercall operations allow invalid extent order values * CVE-2012-5525 / XSA-32: several hypercalls do not validate input GFNs We recommend all users of the 4.2.0 code base to update to this point release. Among many bug fixes and improvements (around 100 since Xen 4.2.0): * A fix for a long standing time management issue * Bug fixes for S3 (suspend to RAM) handling * Bug fixes for other low level system state handling * Bug fixes and improvements to the libxl tool stack * Bug fixes to nested virtualization
-
Ariadne Conill authored
-
Natanael Copa authored
- instead of basing the version on a non released 2.0_rc1, based it on latest release, 1.34 - use date of latest git commit instead of the date it was generated - instead of making a git snapshot, make a patch. This way we don't need upload the source archive any place.
-
Pablo Castorino authored
-
Ariadne Conill authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Carlo Landmeter authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-
Natanael Copa authored
-