Fedora 38 Update: xen-4.17.4-1.fc38
Fedora 38 Update: xen-4.17.4-1.fc38
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-a676697123
2024-04-26 01:03:50.148827
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 38
Version : 4.17.4
Release : 1.fc38
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
update to xen 4.17.4, remove patches now included upstream
rebase xen.gcc12.fixes.patch
x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 9 2024 Michael Young [m.a.young@durham.ac.uk] - 4.17.4-1
- x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
- update to xen 4.17.4, remove patches now included upstream
rebase xen.gcc12.fixes.patch
- x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
- x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-a676697123' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--