xen - Debian Package Tracker

general

source: xen (main)
version: 4.14.1+11-gb0b734a8b3-1
maintainer: Debian Xen Team (archive) (DMD)
uploaders: Hans van Kranenburg [DMD] [DM] – Ian Jackson [DMD]
arch: all amd64 arm64 armhf i386
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.4.1-9+deb8u10
o-o-sec: 4.4.4lts5-0+deb8u1
oldstable: 4.8.5.final+shim4.10.4-1+deb9u12
old-sec: 4.8.5.final+shim4.10.4-1+deb9u12
stable: 4.11.4+57-g41a822c392-2
stable-sec: 4.11.4+57-g41a822c392-2
testing: 4.14.0+88-g1d1d1f5391-2
unstable: 4.14.1+11-gb0b734a8b3-1

versioned links

4.4.1-9+deb8u10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.4.4lts5-0+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.8.5.final+shim4.10.4-1+deb9u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.11.4+57-g41a822c392-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.14.0+88-g1d1d1f5391-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.14.1+11-gb0b734a8b3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxen-dev
libxencall1
libxendevicemodel1
libxenevtchn1
libxenforeignmemory1
libxengnttab1
libxenhypfs1
libxenmisc4.14
libxenstore3.0
libxentoolcore1
libxentoollog1
xen-doc
xen-hypervisor-4.14-amd64
xen-hypervisor-4.14-arm64
xen-hypervisor-4.14-armhf
xen-hypervisor-common
xen-system-amd64
xen-system-arm64
xen-system-armhf
xen-utils-4.14
xen-utils-common
xenstore-utils

action needed

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2021-26933: An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.
CVE-2021-27379: An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.

Created: 2021-02-19 Last update: 2021-03-01 07:00

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2021-26933: An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.
CVE-2021-3308: An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors used by the MSI(-X) entries that the guest might had enabled, and hence will lead to vector exhaustion on the system, not allowing further PCI pass through devices to work properly. HVM guests with PCI pass through devices can mount a Denial of Service (DoS) attack affecting the pass through of PCI devices to other guests or the hardware domain. In the latter case, this would affect the entire host.

Created: 2021-02-19 Last update: 2021-03-01 07:00

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-03-01 11:03

Multiarch hinter reports 3 issue(s) normal

There are issues with the multiarch metadata for this package.

xen-hypervisor-common could be marked Multi-Arch: foreign
xen-doc could be converted to Architecture: all and marked Multi-Arch: foreign
libxen-dev could be marked Multi-Arch: same

Created: 2018-10-11 Last update: 2021-03-01 10:00

Depends on packages which need a new maintainer normal

The packages that xen depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec
markdown (#466330)
- Build-Depends: markdown

Created: 2019-11-22 Last update: 2021-03-01 08:34

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2020-11-29 Last update: 2021-03-01 07:01

lintian reports 50 warnings normal

Lintian reports 50 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:05

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2019-06-20 Last update: 2020-12-15 15:31

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2014-08-10 Last update: 2021-03-01 05:09

testing migrations

excuses:
- Migration status for xen (4.14.0+88-g1d1d1f5391-2 to 4.14.1+11-gb0b734a8b3-1): Waiting for test results, another package or too young (no action required now - check later)
- Issues preventing migration:
- autopkgtest for dpdk/20.11-2: amd64: Pass, arm64: Pass, armhf: No test results, i386: Pass, ppc64el: Test in progress
- autopkgtest for libvirt/7.0.0-2: amd64: Pass, arm64: Pass, armhf: Pass, i386: Pass, ppc64el: Test in progress
- Too young, only 0 of 10 days old
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/x/xen.html
- Not considered

news

[rss feed]

[2021-02-28] Accepted xen 4.14.1+11-gb0b734a8b3-1 (source) into unstable (Hans van Kranenburg)
[2020-12-20] Accepted xen 4.11.4+57-g41a822c392-2 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-18] xen 4.14.0+88-g1d1d1f5391-2 MIGRATED to testing (Debian testing watch)
[2020-12-15] Accepted xen 4.14.0+88-g1d1d1f5391-2 (source) into unstable (Hans van Kranenburg)
[2020-12-15] Accepted xen 4.11.4+57-g41a822c392-2 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-15] Accepted xen 4.14.0+88-g1d1d1f5391-1 (source) into unstable (Hans van Kranenburg)
[2020-12-05] Accepted xen 4.11.4+57-g41a822c392-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-04] Accepted xen 4.11.4+57-g41a822c392-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-11-30] xen 4.14.0+80-gd101b417b7-1 MIGRATED to testing (Debian testing watch)
[2020-11-24] Accepted xen 4.14.0+80-gd101b417b7-1 (source) into unstable (Ian Jackson)
[2020-11-23] Accepted xen 4.14.0+80-gd101b417b7-1~exp2 (all amd64 source) into experimental, experimental (Debian FTP Masters) (signed by: Ian Jackson)
[2020-10-07] Accepted xen 4.11.4+37-g3263f257ca-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-10-02] Accepted xen 4.11.4+37-g3263f257ca-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-09-21] Accepted xen 4.14.0-1~exp1 (all amd64 source) into experimental, experimental (Debian FTP Masters) (signed by: Ian Jackson)
[2020-07-17] Accepted xen 4.11.4+24-gddaaccbbab-1~deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-07-13] xen 4.11.4+24-gddaaccbbab-1 MIGRATED to testing (Debian testing watch)
[2020-07-12] Accepted xen 4.11.4+24-gddaaccbbab-1~deb10u1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-07-08] Accepted xen 4.11.4+24-gddaaccbbab-1 (source) into unstable (Hans van Kranenburg)
[2020-06-02] xen 4.11.4-1 MIGRATED to testing (Debian testing watch)
[2020-05-27] Accepted xen 4.11.4-1 (source) into unstable (Hans van Kranenburg)
[2020-01-17] Accepted xen 4.8.5.final+shim4.10.4-1+deb9u12 (all amd64 source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ian Jackson)
[2020-01-17] Accepted xen 4.11.3+24-g14b62ab3e5-1~deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Hans van Kranenburg) (signed by: Ian Jackson)
[2020-01-13] Accepted xen 4.11.3+24-g14b62ab3e5-1~deb10u1 (source amd64 all) into stable->embargoed, stable (Hans van Kranenburg) (signed by: Ian Jackson)
[2020-01-13] Accepted xen 4.8.5.final+shim4.10.4-1+deb9u12 (all amd64 source) into oldstable->embargoed, oldstable (Ian Jackson)
[2020-01-11] xen 4.11.3+24-g14b62ab3e5-1 MIGRATED to testing (Debian testing watch)
[2020-01-08] Accepted xen 4.11.3+24-g14b62ab3e5-1 (source) into unstable (Hans van Kranenburg)
[2019-10-08] Accepted xen 4.4.4lts5-0+deb8u1 (source all) into oldoldstable (Bastian Blank)
[2019-06-26] xen 4.11.1+92-g6c33308a8d-2 MIGRATED to testing (Debian testing watch)
[2019-06-24] Accepted xen 4.11.1+92-g6c33308a8d-2 (all amd64 source) into unstable (Hans van Kranenburg) (signed by: Ian Jackson)
[2019-06-19] Accepted xen 4.11.1+92-g6c33308a8d-1 (all amd64 source) into unstable (Hans van Kranenburg) (signed by: Ian Jackson)

bugs [bug history graph]

all: 24
RC: 0
I&N: 17
M&W: 7
F&P: 0
patch: 2

links

homepage
lintian (0, 50)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.11.4+24-gddaaccbbab-1ubuntu2
58 bugs (10 patches)
patches for 4.11.4+24-gddaaccbbab-1ubuntu2