* [ANNOUNCE] Xen 4.1.3 and 4.0.4 released
@ 2012-08-10 13:11 Keir Fraser
0 siblings, 0 replies; only message in thread
From: Keir Fraser @ 2012-08-10 13:11 UTC (permalink / raw)
To: xen-devel; +Cc: Lars Kurth
Folks,
I am pleased to announce the release of Xen 4.0.4 and 4.1.3. These are
available immediately from their respective mercurial repositories:
http://xenbits.xen.org/xen-4.0-testing.hg (tag RELEASE-4.0.4)
http://xenbits.xen.org/xen-4.1-testing.hg (tag RELEASE-4.1.3)
These fix the following critical vulnerabilities:
* CVE-2012-0217 / XSA-7:
PV guest privilege escalation vulnerability
* CVE-2012-0218 / XSA-8:
guest denial of service on syscall/sysenter exception generation
* CVE-2012-2934 / XSA-9:
PV guest host Denial of Service
* CVE-2012-3432 / XSA-10:
HVM guest user mode MMIO emulation DoS vulnerability
* CVE-2012-3433 / XSA-11:
HVM guest destroy p2m teardown host DoS vulnerability
We recommend all users of the 4.0 and 4.1 stable series to update to these
latest point releases.
Among many bug fixes and improvements (over 100 since Xen 4.1.2):
* Updates for the latest Intel/AMD CPU revisions
* Bug fixes and improvements to the libxl tool stack
* Bug fixes for IOMMU handling (device passthrough to HVM guests)
* Bug fixes for host kexec/kdump
Regards,
Keir
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-08-10 13:11 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-08-10 13:11 [ANNOUNCE] Xen 4.1.3 and 4.0.4 released Keir Fraser
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).