What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-04473fc41e
2023-08-27 00:50:00.561311
--------------------------------------------------------------------------------

Name        : xen
Product     : Fedora 37
Version     : 4.16.5
Release     : 1.fc37
URL         : https://xen.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

update to xen-4.16.5 which includes x86/AMD: Speculative Return Stack Overflow
[XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435,
CVE-2022-40982] remove patches now included upstream  ----  arm: Guests can
trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238)  ----
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]  ----  x86/AMD: Zenbleed
[XSA-433, CVE-2023-20593]
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 11 2023 Michael Young  - 4.16.5-1
- update to xen-4.16.5 which includes
  x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569]
  x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982]
- remove patches now included upstream
* Tue Aug  1 2023 Michael Young  - 4.16.4-4
- arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320]
	(#2228238)
* Mon Jul 31 2023 Michael Young  - 4.16.4-3
- bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
* Wed Jul 26 2023 Michael Young  - 4.16.4-2
- x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2228237 - CVE-2023-34320 Xen Security Advisory 436 v1 (CVE-2023-34320) - arm: Guests can trigger a deadlock on Cortex-A77
        https://bugzilla.redhat.com/show_bug.cgi?id=2228237
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-04473fc41e' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 37: xen 2023-04473fc41e

August 27, 2023
update to xen-4.16.5 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982] remove patches no...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

update to xen-4.16.5 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982] remove patches now included upstream ---- arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) ---- bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] ---- x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]

Change Log

* Fri Aug 11 2023 Michael Young - 4.16.5-1 - update to xen-4.16.5 which includes x86/AMD: Speculative Return Stack Overflow [XSA-434, CVE-2023-20569] x86/Intel: Gather Data Sampling [XSA-435, CVE-2022-40982] - remove patches now included upstream * Tue Aug 1 2023 Michael Young - 4.16.4-4 - arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) * Mon Jul 31 2023 Michael Young - 4.16.4-3 - bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593] * Wed Jul 26 2023 Michael Young - 4.16.4-2 - x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]

References

[ 1 ] Bug #2228237 - CVE-2023-34320 Xen Security Advisory 436 v1 (CVE-2023-34320) - arm: Guests can trigger a deadlock on Cortex-A77 https://bugzilla.redhat.com/show_bug.cgi?id=2228237

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-04473fc41e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : xen
Product : Fedora 37
Version : 4.16.5
Release : 1.fc37
URL : https://xen.org/
Summary : Xen is a virtual machine monitor

Related News

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR

Sep 11, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

Critical BusyBox Stack Overflow Vuln Fixed

Sep 22, 2023

News

Advisories

HOWTOs

Features

Guide To Tackling Network Programming Assignments On Linux
Guide To Software Security Testing On Linux
Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy

About Us

Powered By

Footer Logo

Feedback