Fedora 34: FEDORA-2022-64b2c02d29 Critical Xen Hypervisor Security Update

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

update to xen-4.14.5 ---- Racy interactions between dirty vram tracking and

paging log dirty hypercalls [XSA-397, CVE-2022-26356] race in VT-d domain ID

cleanup [XSA-399, CVE-2022-26357] IOMMU: RMRR (VT-d) and unity map (AMD-Vi)

handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360,

CVE-2022-26361]

* Fri Apr 15 2022 Michael Young - 4.14.5-1

- update to xen-4.14.5

remove or adjust patches now included or superceded upstream

* Wed Apr 6 2022 Michael Young - 4.14.4-3

- Racy interactions between dirty vram tracking and paging log dirty

hypercalls [XSA-397, CVE-2022-26356]

- race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]

- IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,

CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]

su -c 'dnf upgrade --advisory FEDORA-2022-64b2c02d29' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure