pkgsrc/sysutils/xenkernel42/MESSAGE
jnemeth 098762889a Initial import of Xen 4.2. This is kernel part.
---- 4.2.2

Xen 4.2.2 is a maintenance release in the 4.2 series and contains:
We recommend that all users of Xen 4.2.1 upgrade to Xen 4.2.2.

    This release fixes the following critical vulnerabilities:
        CVE-2012-5634 / XSA-33: VT-d interrupt remapping source
            validation flaw
        CVE-2013-0151 / XSA-34: nested virtualization on 32-bit
            exposes host crash
        CVE-2013-0152 / XSA-35: Nested HVM exposes host to being
            driven out of memory by guest
        CVE-2013-0153 / XSA-36: interrupt remap entries shared and
            old ones not cleared on AMD IOMMUs
        CVE-2013-0154 / XSA-37: Hypervisor crash due to incorrect
            ASSERT (debug build only)
        CVE-2013-0215 / XSA-38: oxenstored incorrect handling of
            certain Xenbus ring states
        CVE-2012-6075 / XSA-41: qemu (e1000 device driver): Buffer
            overflow when processing large packets
        CVE-2013-1917 / XSA-44: Xen PV DoS vulnerability with SYSENTER
        CVE-2013-1919 / XSA-46: Several access permission issues with
            IRQs for unprivileged guests
        CVE-2013-1920 / XSA-47: Potential use of freed memory in event
            channel operations
        CVE-2013-1922 / XSA-48: qemu-nbd format-guessing due to missing
            format specification
    This release contains many bug fixes and improvements (around
    100 since Xen 4.2.1). The highlights are:
        ACPI APEI/ERST finally working on production systems
        Bug fixes for other low level system state handling
        Bug fixes and improvements to the libxl tool stack
        Bug fixes to nested virtualization

----- 4.2.1

Xen 4.2.1 is a maintenance release in the 4.2 series and contains:
We recommend that all users of Xen 4.2.0 upgrade to Xen 4.2.1.

    The release fixes the following critical vulnerabilities:
        CVE-2012-4535 / XSA-20: Timer overflow DoS vulnerability
        CVE-2012-4537 / XSA-22: Memory mapping failure DoS vulnerability
        CVE-2012-4538 / XSA-23: Unhooking empty PAE entries DoS vulnerability
        CVE-2012-4539 / XSA-24: Grant table hypercall infinite
            loop DoS vulnerability
        CVE-2012-4544, CVE-2012-2625 / XSA-25: Xen domain builder
            Out-of-memory due to malicious kernel/ramdisk
        CVE-2012-5510 / XSA-26: Grant table version switch list
            corruption vulnerability
        CVE-2012-5511 / XSA-27: Several HVM operations do not
            validate the range of their inputs
        CVE-2012-5513 / XSA-29: XENMEM_exchange may overwrite hypervisor memory
        CVE-2012-5514 / XSA-30: Broken error handling in
            guest_physmap_mark_populate_on_demand()
        CVE-2012-5515 / XSA-31: Several memory hypercall operations
            allow invalid extent order values
        CVE-2012-5525 / XSA-32: several hypercalls do not validate input GFNs
    Among many bug fixes and improvements (around 100 since Xen 4.2.0):
        A fix for a long standing time management issue
        Bug fixes for S3 (suspend to RAM) handling
        Bug fixes for other low level system state handling
        Bug fixes and improvements to the libxl tool stack
        Bug fixes to nested virtualization


----- 4.2.0

The Xen 4.2 release contains a number of important new features
and updates including:

The release incorporates many new features and improvements to
existing features. There are improvements across the board including
to Security, Scalability, Performance and Documentation.

    XL is now the default toolstack: Significant effort has gone
in to the XL tool toolstack in this release and it is now feature
complete and robust enough that we have made it the default. This
toolstack can now replace xend in the majority of deployments, see
XL vs Xend Feature Comparison. As well as improving XL the underlying
libxl library has been significantly improved and supports the
majority of the most common toolstack features. In addition the
API has been declared stable which should make it even easier for
external toolstack such as libvirt and XCP's xapi to make full use
of this functionality in the future.

    Large Systems: Following on from the improvements made in 4.1
Xen now supports even larger systems, with up to 4095 host CPUs
and up to 512 guest CPUs. In addition toolstack feature like the
ability to automatically create a CPUPOOL per NUMA node and more
intelligent placement of guest VCPUs on NUMA nodes have further
improved the Xen experience on large systems.  Other new features,
such as multiple PCI segment support have also made a positive
impact on such systems.

    Improved security: The XSM/Flask subsystem has seen several
enhancements, including improved support for disaggregated systems
and a rewritten example policy which is clearer and simpler to
modify to suit local requirements.

    Documentation: The Xen documentation has been much improved,
both the in-tree documentation and the wiki. This is in no small
part down to the success of the Xen Document Days so thanks to all
who have taken part.
2013-05-15 05:32:12 +00:00

7 lines
373 B
Text

===========================================================================
$NetBSD: MESSAGE,v 1.1.1.1 2013/05/15 05:32:12 jnemeth Exp $
The Xen hypervisor is installed under the following locations:
${XENKERNELDIR}/xen.gz (standard hypervisor)
${XENKERNELDIR}/xen-debug.gz (debug hypervisor)
===========================================================================