xen - Debian Package Tracker

general

source: xen (main)
version: 4.14.1+11-gb0b734a8b3-1
maintainer: Debian Xen Team (archive) (DMD)
uploaders: Hans van Kranenburg [DMD] [DM] – Ian Jackson [DMD]
arch: all amd64 arm64 armhf i386
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 4.8.5.final+shim4.10.4-1+deb9u12
old-sec: 4.8.5.final+shim4.10.4-1+deb9u12
stable: 4.11.4+99-g8bce4698f6-1
stable-sec: 4.11.4+107-gef32c7afa2-1
stable-p-u: 4.11.4+107-gef32c7afa2-1
testing: 4.14.1+11-gb0b734a8b3-1
unstable: 4.14.1+11-gb0b734a8b3-1

versioned links

4.8.5.final+shim4.10.4-1+deb9u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.11.4+99-g8bce4698f6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.11.4+107-gef32c7afa2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.14.1+11-gb0b734a8b3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxen-dev
libxencall1
libxendevicemodel1
libxenevtchn1
libxenforeignmemory1
libxengnttab1
libxenhypfs1
libxenmisc4.14
libxenstore3.0
libxentoolcore1
libxentoollog1
xen-doc
xen-hypervisor-4.14-amd64
xen-hypervisor-4.14-arm64
xen-hypervisor-4.14-armhf
xen-hypervisor-common (1 bugs: 0, 1, 0, 0)
xen-system-amd64
xen-system-arm64
xen-system-armhf
xen-utils-4.14
xen-utils-common (1 bugs: 0, 1, 0, 0)
xenstore-utils

action needed

6 security issues in sid high

There are 6 open security issues in sid.

6 important issues:

CVE-2021-0089: Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2021-26313: Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
CVE-2021-28687: HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of them. When the "soft reset" feature was implemented, the libxl__domain_suspend_state structure didn't require any initialization or disposal. At some point later, an initialization function was introduced for the structure; but the "soft reset" path wasn't refactored to call the initialization function. When a guest nwo initiates a "soft reboot", uninitialized data structure leads to an assert() when later code finds the structure in an unexpected state. The effect of this is to crash the process monitoring the guest. How this affects the system depends on the structure of the toolstack. For xl, this will have no security-relevant effect: every VM has its own independent monitoring process, which contains no state. The domain in question will hang in a crashed state, but can be destroyed by `xl destroy` just like any other non-cooperating domain. For daemon-based toolstacks linked against libxl, such as libvirt, this will crash the toolstack, losing the state of any in-progress operations (localized DoS), and preventing further administrator operations unless the daemon is configured to restart automatically (system-wide DoS). If crashes "leak" resources, then repeated crashes could use up resources, also causing a system-wide DoS.
CVE-2021-28690:
CVE-2021-28692:
CVE-2021-28693:

Created: 2021-03-18 Last update: 2021-06-19 12:38

6 security issues in bullseye high

There are 6 open security issues in bullseye.

5 important issues:

CVE-2021-0089: Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2021-26313: Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
CVE-2021-28690:
CVE-2021-28692:
CVE-2021-28693:

1 issue postponed or untriaged:

CVE-2021-28687: (postponed; to be fixed through a stable update) HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of them. When the "soft reset" feature was implemented, the libxl__domain_suspend_state structure didn't require any initialization or disposal. At some point later, an initialization function was introduced for the structure; but the "soft reset" path wasn't refactored to call the initialization function. When a guest nwo initiates a "soft reboot", uninitialized data structure leads to an assert() when later code finds the structure in an unexpected state. The effect of this is to crash the process monitoring the guest. How this affects the system depends on the structure of the toolstack. For xl, this will have no security-relevant effect: every VM has its own independent monitoring process, which contains no state. The domain in question will hang in a crashed state, but can be destroyed by `xl destroy` just like any other non-cooperating domain. For daemon-based toolstacks linked against libxl, such as libvirt, this will crash the toolstack, losing the state of any in-progress operations (localized DoS), and preventing further administrator operations unless the daemon is configured to restart automatically (system-wide DoS). If crashes "leak" resources, then repeated crashes could use up resources, also causing a system-wide DoS.

Created: 2021-06-08 Last update: 2021-06-19 12:38

Depends on packages which need a new maintainer normal

The packages that xen depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec
markdown (#466330)
- Build-Depends: markdown

Created: 2019-11-22 Last update: 2021-06-22 17:08

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-06-22 17:03

Multiarch hinter reports 3 issue(s) normal

There are issues with the multiarch metadata for this package.

xen-hypervisor-common could be marked Multi-Arch: foreign
xen-doc could be converted to Architecture: all and marked Multi-Arch: foreign
libxen-dev could be marked Multi-Arch: same

Created: 2018-10-11 Last update: 2021-06-22 15:00

lintian reports 50 warnings normal

Lintian reports 50 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:05

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2019-06-20 Last update: 2020-12-15 15:31

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2014-08-10 Last update: 2021-03-01 05:09

news

[rss feed]

[2021-06-21] Accepted xen 4.11.4+107-gef32c7afa2-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2021-06-15] Accepted xen 4.11.4+107-gef32c7afa2-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2021-04-13] Accepted xen 4.11.4+99-g8bce4698f6-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2021-04-10] Accepted xen 4.11.4+99-g8bce4698f6-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2021-03-11] xen 4.14.1+11-gb0b734a8b3-1 MIGRATED to testing (Debian testing watch)
[2021-02-28] Accepted xen 4.14.1+11-gb0b734a8b3-1 (source) into unstable (Hans van Kranenburg)
[2020-12-20] Accepted xen 4.11.4+57-g41a822c392-2 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-18] xen 4.14.0+88-g1d1d1f5391-2 MIGRATED to testing (Debian testing watch)
[2020-12-15] Accepted xen 4.14.0+88-g1d1d1f5391-2 (source) into unstable (Hans van Kranenburg)
[2020-12-15] Accepted xen 4.11.4+57-g41a822c392-2 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-15] Accepted xen 4.14.0+88-g1d1d1f5391-1 (source) into unstable (Hans van Kranenburg)
[2020-12-05] Accepted xen 4.11.4+57-g41a822c392-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-12-04] Accepted xen 4.11.4+57-g41a822c392-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-11-30] xen 4.14.0+80-gd101b417b7-1 MIGRATED to testing (Debian testing watch)
[2020-11-24] Accepted xen 4.14.0+80-gd101b417b7-1 (source) into unstable (Ian Jackson)
[2020-11-23] Accepted xen 4.14.0+80-gd101b417b7-1~exp2 (all amd64 source) into experimental, experimental (Debian FTP Masters) (signed by: Ian Jackson)
[2020-10-07] Accepted xen 4.11.4+37-g3263f257ca-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-10-02] Accepted xen 4.11.4+37-g3263f257ca-1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-09-21] Accepted xen 4.14.0-1~exp1 (all amd64 source) into experimental, experimental (Debian FTP Masters) (signed by: Ian Jackson)
[2020-07-17] Accepted xen 4.11.4+24-gddaaccbbab-1~deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-07-13] xen 4.11.4+24-gddaaccbbab-1 MIGRATED to testing (Debian testing watch)
[2020-07-12] Accepted xen 4.11.4+24-gddaaccbbab-1~deb10u1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-07-08] Accepted xen 4.11.4+24-gddaaccbbab-1 (source) into unstable (Hans van Kranenburg)
[2020-06-02] xen 4.11.4-1 MIGRATED to testing (Debian testing watch)
[2020-05-27] Accepted xen 4.11.4-1 (source) into unstable (Hans van Kranenburg)
[2020-01-17] Accepted xen 4.8.5.final+shim4.10.4-1+deb9u12 (all amd64 source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ian Jackson)
[2020-01-17] Accepted xen 4.11.3+24-g14b62ab3e5-1~deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Hans van Kranenburg) (signed by: Ian Jackson)
[2020-01-13] Accepted xen 4.11.3+24-g14b62ab3e5-1~deb10u1 (source amd64 all) into stable->embargoed, stable (Hans van Kranenburg) (signed by: Ian Jackson)
[2020-01-13] Accepted xen 4.8.5.final+shim4.10.4-1+deb9u12 (all amd64 source) into oldstable->embargoed, oldstable (Ian Jackson)
[2020-01-11] xen 4.11.3+24-g14b62ab3e5-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 30
RC: 1
I&N: 21
M&W: 8
F&P: 0
patch: 2

links

homepage
lintian (0, 50)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.11.4+24-gddaaccbbab-1ubuntu2
58 bugs (10 patches)
patches for 4.11.4+24-gddaaccbbab-1ubuntu2