Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

xen-libs-4.19.1_02-1.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: xen-libs Distribution: openSUSE Tumbleweed
Version: 4.19.1_02 Vendor: openSUSE
Release: 1.1 Build date: Wed Dec 4 17:16:24 2024
Group: System/Kernel Build host: reproducible
Size: 2677567 Source RPM: xen-4.19.1_02-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
Summary: Xen Virtualization: Libraries
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.

This package contains the libraries used to interact with the Xen
virtual machine monitor.

In addition to this package you need to install xen and xen-tools
to use Xen.


Authors:
--------
    Ian Pratt <ian.pratt@cl.cam.ac.uk>

Provides

Requires

License

GPL-2.0-only

Changelog

* Wed Dec 04 2024 carnold@suse.com
  - Update to Xen 4.19.1 bug fix release (jsc#PED-8907)
    xen-4.19.1-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - Dropped patches
    66a8b8ac-bunzip2-rare-failure.patch
    66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch
    66bb6fa5-x86-pass-through-document-as-security-unsupported.patch
    66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch
    66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch
    66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch
    66d8690f-SUPPORT-split-XSM-from-Flask.patch
    66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch
    66e44ae2-x86-ucode-AMD-buffer-underrun.patch
    66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch
    66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
    xsa463-01.patch
    xsa463-02.patch
    xsa463-03.patch
    xsa463-04.patch
    xsa463-05.patch
    xsa463-06.patch
    xsa463-07.patch
    xsa463-08.patch
    xsa463-09.patch
    xsa464.patch
    gcc14-fixes.patch
* Wed Oct 30 2024 carnold@suse.com
  - bsc#1232622 - VUL-0: CVE-2024-45818: xen: Deadlock in x86 HVM
    standard VGA handling (XSA-463)
    xsa463-01.patch
    xsa463-02.patch
    xsa463-03.patch
    xsa463-04.patch
    xsa463-05.patch
    xsa463-06.patch
    xsa463-07.patch
    xsa463-08.patch
    xsa463-09.patch
  - bsc#1232624 - VUL-0: CVE-2024-45819: xen: libxl leaks data to PVH
    guests via ACPI tables (XSA-464)
    xsa464.patch
  - Drop stdvga-cache.patch
* Tue Oct 29 2024 ohering@suse.de
  - bsc#1232542 - remove usage of net-tools-deprecated from supportconfig plugin
* Thu Sep 26 2024 jbeulich@suse.com
  - bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in
    vlapic_error() (XSA-462)
    66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch
    Drop xsa462.patch
  - Upstream bug fixes (bsc#1027519)
    66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch
    66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch
    66d8690f-SUPPORT-split-XSM-from-Flask.patch
    66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch
    66e44ae2-x86-ucode-AMD-buffer-underrun.patch
    66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
* Tue Sep 10 2024 carnold@suse.com
  - bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in
    vlapic_error() (XSA-462)
    xsa462.patch
* Fri Aug 30 2024 Guillaume GARDET <guillaume.gardet@opensuse.org>
  - Fix build on aarch64 with gcc14 (bsc#1225953)
    66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch
* Wed Aug 14 2024 carnold@suse.com
  - bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86
    IOMMU identity mapping (XSA-460)
    66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch
  - bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through
    with shared resources (XSA-461)
    66bb6fa5-x86-pass-through-document-as-security-unsupported.patch
* Tue Aug 06 2024 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    66a8b8ac-bunzip2-rare-failure.patch
* Tue Jul 30 2024 carnold@suse.com
  - Update to Xen 4.19.0 FCS release (jsc#PED-8907)
    xen-4.19.0-testing-src.tar.bz2
  - New Features
    * On x86:
    - Introduce a new x2APIC driver that uses Cluster Logical addressing mode
      for IPIs and Physical addressing mode for external interrupts.
    * On Arm:
    - FF-A notification support.
    - Introduction of dynamic node programming using overlay dtbo.
    * Add a new 9pfs backend running as a daemon in dom0. First user is
      Xenstore-stubdom now being able to support full Xenstore trace capability.
    * libxl support for backendtype=tap with tapback.
  - Changed Features
    * Changed flexible array definitions in public I/O interface headers to not
      use "1" as the number of array elements.
    * The minimum supported OCaml toolchain version is now 4.05
    * On x86:
    - HVM PIRQs are disabled by default.
    - Reduce IOMMU setup time for hardware domain.
    - Allow HVM/PVH domains to map foreign pages.
    - Declare PVH dom0 supported with caveats.
    * xl/libxl configures vkb=[] for HVM domains with priority over vkb_device.
    * Increase the maximum number of CPUs Xen can be built for from 4095 to
      16383.
    * When building with Systemd support (./configure --enable-systemd), remove
      libsystemd as a build dependency.  Systemd Notify support is retained, now
      using a standalone library implementation.
    * xenalyze no longer requires `--svm-mode` when analyzing traces
      generated on AMD CPUs
    * Code symbol annotations and MISRA compliance improvements.
  - Removed Features
    * caml-stubdom.  It hasn't built since 2014, was pinned to Ocaml 4.02, and has
      been superseded by the MirageOS/SOLO5 projects.
    * /usr/bin/pygrub symlink.  This was deprecated in Xen 4.2 (2012) but left for
      compatibility reasons.  VMs configured with bootloader="/usr/bin/pygrub"
      should be updated to just bootloader="pygrub".
    * The Xen gdbstub on x86.
    * xentrace_format has been removed; use xenalyze instead.
  - Dropped patches contained in new tarball
    6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch
    6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch
    6627a5fc-x86-MTRR-inverted-WC-check.patch
    662a6a4c-x86-spec-reporting-of-BHB-clearing.patch
    662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch
    663090fd-x86-gen-cpuid-syntax.patch
    663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch
    663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch
    663d05b5-x86-ucode-distinguish-up-to-date.patch
    663eaa27-libxl-XenStore-error-handling-in-device-creation.patch
    66450626-sched-set-all-sched_resource-data-inside-locked.patch
    66450627-x86-respect-mapcache_domain_init-failing.patch
    6646031f-x86-ucode-further-identify-already-up-to-date.patch
    6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch
    666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch
    666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch
    666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch
    666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch
    666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch
    667187cc-x86-Intel-unlock-CPUID-earlier.patch
    66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch
    6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch
    6672c846-x86-xstate-initialisation-of-XSS-cache.patch
    6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch
    6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch
    xsa458.patch
  - Dropped patches no longer necessary
    bin-python3-conversion.patch
    migration-python3-conversion.patch
* Tue Jul 23 2024 Franz Sirl <franz.sirl-obs@lauterbach.com>
  - Enable support for ZSTD and LZO compression formats
* Wed Jul 03 2024 carnold@suse.com
  - bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
    guest IRQ handling (XSA-458)
    xsa458.patch
* Mon Jun 24 2024 jbeulich@suse.com
  - bsc#1214718 - The system hangs intermittently when Power Control
    Mode is set to Minimum Power on SLES15SP5 Xen
    6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch
    666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch
    666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch
    66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch
    6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch
    6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch
  - Upstream bug fixes (bsc#1027519)
    66450626-sched-set-all-sched_resource-data-inside-locked.patch
    66450627-x86-respect-mapcache_domain_init-failing.patch
    6646031f-x86-ucode-further-identify-already-up-to-date.patch
    666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch
    666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch
    666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch
    667187cc-x86-Intel-unlock-CPUID-earlier.patch
    6672c846-x86-xstate-initialisation-of-XSS-cache.patch
    6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch
* Wed Jun 12 2024 Daniel Garcia <daniel.garcia@suse.com>
  - Fix python3 shebang in tools package (bsc#1212476)
  - Depend directly on %primary_python instead of python3 so this
    package will continue working without rebuilding even if python3
    changes in the system.
  - Remove not needed patches, these patches adds the python3 shebang to
    some scripts, but that's done during the build phase so it's not
    needed:
    - bin-python3-conversion.patch
    - migration-python3-conversion.patch
* Tue Jun 04 2024 carnold@suse.com
  - bsc#1225953 - Package xen does not build with gcc14 because of
    new errors
    gcc14-fixes.patch
* Wed May 15 2024 jbeulich@suse.com
  - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
    trigger Xen bug check (XSA-454)
    6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch
  - Upstream bug fixes (bsc#1027519)
    6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch
    6627a5fc-x86-MTRR-inverted-WC-check.patch
    662a6a4c-x86-spec-reporting-of-BHB-clearing.patch
    662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch
    663090fd-x86-gen-cpuid-syntax.patch
    663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch
    663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch
    663d05b5-x86-ucode-distinguish-up-to-date.patch
    663eaa27-libxl-XenStore-error-handling-in-device-creation.patch
* Tue Apr 09 2024 carnold@suse.com
  - Update to Xen 4.18.2 security bug fix release (bsc#1027519)
    xen-4.18.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
    trigger Xen bug check (XSA-454)
  - bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
    for BTC/SRSO mitigations (XSA-455)
  - bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
    History Injection (XSA-456)
  - Dropped patch contained in new tarball
    65f83951-x86-mm-use-block_lock_speculation-in.patch
* Mon Mar 25 2024 jbeulich@suse.com
  - bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
    Race Conditions (XSA-453)
    65f83951-x86-mm-use-block_lock_speculation-in.patch
* Fri Mar 15 2024 carnold@suse.com
  - Update to Xen 4.18.1 bug fix release (bsc#1027519)
    xen-4.18.1-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
    Sampling (XSA-452)
  - bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
    Race Conditions (XSA-453)
  - Dropped patches included in new tarball
    654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
    65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
    655b2ba9-fix-sched_move_domain.patch
    6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch
    6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch
    656ee5e1-x86emul-avoid-triggering-event-assertions.patch
    656ee602-cpupool-adding-offline-CPU.patch
    656ee6c3-domain_create-error-path.patch
    6571ca95-fix-sched_move_domain.patch
    6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch
    65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
    65a7a0a4-x86-Intel-GPCC-setup.patch
    65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
    65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
    65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch
    65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
    65b8f9ab-VT-d-else-vs-endif-misplacement.patch
    xsa451.patch
* Tue Feb 13 2024 carnold@suse.com
  - bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
    exceptions from emulation stubs (XSA-451)
    xsa451.patch
* Wed Jan 31 2024 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch
    6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch
    656ee5e1-x86emul-avoid-triggering-event-assertions.patch
    656ee602-cpupool-adding-offline-CPU.patch
    656ee6c3-domain_create-error-path.patch
    6571ca95-fix-sched_move_domain.patch
    6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch
    65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
    65a7a0a4-x86-Intel-GPCC-setup.patch
    65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
    65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
    65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch
  - bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
    assigned to incorrect contexts (XSA-449)
    65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
  - bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
    quarantine devices in !HVM builds (XSA-450)
    65b8f9ab-VT-d-else-vs-endif-misplacement.patch
  - Patches dropped / replaced by newer upstream versions
    xsa449.patch
    xsa450.patch
* Tue Jan 23 2024 carnold@suse.com
  - bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
    quarantine devices in !HVM builds (XSA-450)
    xsa450.patch
* Tue Jan 16 2024 carnold@suse.com
  - bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
    assigned to incorrect contexts (XSA-449)
    xsa449.patch
* Tue Nov 21 2023 carnold@suse.com
  - Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to
    provide better hypervisor security
    xen.spec
* Tue Nov 21 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
    65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
    655b2ba9-fix-sched_move_domain.patch
* Mon Nov 20 2023 Bernhard Wiedemann <bwiedemann@suse.com>
  - Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218)
* Thu Nov 16 2023 carnold@suse.com
  - Update to Xen 4.18.0 FCS release (jsc#PED-4984)
    xen-4.18.0-testing-src.tar.bz2
    * Repurpose command line gnttab_max_{maptrack_,}frames options so they don't
      cap toolstack provided values.
    * Ignore VCPUOP_set_singleshot_timer's VCPU_SSHOTTMR_future flag. The only
      known user doesn't use it properly, leading to in-guest breakage.
    * The "dom0" option is now supported on Arm and "sve=" sub-option can be used
      to enable dom0 guest to use SVE/SVE2 instructions.
    * Physical CPU Hotplug downgraded to Experimental and renamed "ACPI CPU
      Hotplug" for clarity
    * On x86, support for features new in Intel Sapphire Rapids CPUs:
    - PKS (Protection Key Supervisor) available to HVM/PVH guests.
    - VM-Notify used by Xen to mitigate certain micro-architectural pipeline
      livelocks, instead of crashing the entire server.
    - Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system
      wide impact of a guest misusing atomic instructions.
    * xl/libxl can customize SMBIOS strings for HVM guests.
    * Add support for AVX512-FP16 on x86.
    * On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview)
    * On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator
      (Tech Preview)
    * Add Intel Hardware P-States (HWP) cpufreq driver.
    * On Arm, experimental support for dynamic addition/removal of Xen device tree
      nodes using a device tree overlay binary (.dtbo).
    * Introduce two new hypercalls to map the vCPU runstate and time areas by
      physical rather than linear/virtual addresses.
    * On x86, support for enforcing system-wide operation in Data Operand
      Independent Timing Mode.
    * The project has now officially adopted 6 directives and 65 rules of MISRA-C.
    * On x86, the "pku" command line option has been removed.  It has never
      behaved precisely as described, and was redundant with the unsupported
      "cpuid=no-pku".  Visibility of PKU to guests should be via its vm.cfg file.
    * xenpvnetboot removed as unable to convert to Python 3.
    * xencons is no longer supported or present. See 5d22d69b30
  - Droppped patches contained in new tarballs
    63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
    643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch
    643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch
    6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
    64d33a57-libxenstat-Linux-nul-terminate-string.patch
    aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
    xen.stubdom.newlib.patch
    xsa446.patch
    xsa445.patch
    xsa438.patch
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
    xsa443-10.patch
    xsa443-11.patch
    xsa440.patch
  - Dropped xen-utils-0.1.tar.bz2
    The xen-list and xen-destroy commands are removed. Originally
    created as a better replacement for 'xm'. The 'xl' equivalent
    commands should be used instead.
  - Dropped libxl.pvscsi.patch
    Support for PVSCSI devices in the guest is no longer supported.
* Thu Nov 02 2023 carnold@suse.com
  - bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not
    fully effective (XSA-446)
    xsa446.patch
* Fri Oct 27 2023 carnold@suse.com
  - bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in
    IOMMU quarantine page table levels (XSA-445)
    xsa445.patch
* Wed Oct 18 2023 jfehlig@suse.com
  - Supportconfig: Adapt plugin to modern supportconfig
    The supportconfig 'scplugin.rc' file is deprecated in favor of
    supportconfig.rc'. Adapt the xen plugin to the new scheme.
    xen-supportconfig
* Tue Oct 17 2023 jbeulich@suse.com
  - bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow
    reference dropped too early for 64-bit PV guests (XSA-438)
    650abbfe-x86-shadow-defer-PV-top-level-release.patch
  - bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional
    execution leak via division by zero (XSA-439)
    64e5b4ac-x86-AMD-extend-Zenbleed-check.patch
    65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch
    65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch
    65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch
    65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch
    65087004-x86-entry-restore_all_xen-stack_end.patch
    65087005-x86-entry-track-IST-ness-of-entry.patch
    65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch
    65087007-x86-AMD-Zen-1-2-predicates.patch
    65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch
  - bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU
    TLB flushing (XSA-442)
    65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch
  - bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple
    vulnerabilities in libfsimage disk handling (XSA-443)
    65263471-libfsimage-xfs-remove-dead-code.patch
    65263472-libfsimage-xfs-amend-mask32lo.patch
    65263473-libfsimage-xfs-sanity-check-superblock.patch
    65263474-libfsimage-xfs-compile-time-check.patch
    65263475-pygrub-remove-unnecessary-hypercall.patch
    65263476-pygrub-small-refactors.patch
    65263477-pygrub-open-output-files-earlier.patch
    65263478-libfsimage-function-to-preload-plugins.patch
    65263479-pygrub-deprivilege.patch
    6526347a-libxl-allow-bootloader-restricted-mode.patch
    6526347b-libxl-limit-bootloader-when-restricted.patch
  - bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD:
    Debug Mask handling (XSA-444)
    6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch
    6526347d-x86-PV-auditing-of-guest-breakpoints.patch
  - Upstream bug fixes (bsc#1027519)
    64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch
    64eef7e9-x86-reporting-spurious-i8259-interrupts.patch
    64f71f50-Arm-handle-cache-flush-at-top.patch
    65084ba5-x86-AMD-dont-expose-TscFreqSel.patch
  - Patches dropped / replaced by newer upstream versions
    xsa438.patch
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
    xsa442.patch
    xsa443-01.patch
    xsa443-02.patch
    xsa443-03.patch
    xsa443-04.patch
    xsa443-05.patch
    xsa443-06.patch
    xsa443-07.patch
    xsa443-08.patch
    xsa443-09.patch
    xsa443-10.patch
    xsa443-11.patch
    xsa444-1.patch
    xsa444-2.patch
* Wed Sep 27 2023 carnold@suse.com
  - bsc#1215744 - VUL-0: CVE-2023-34323: xen: xenstored: A
    transaction conflict can crash C Xenstored (XSA-440)
    xsa440.patch
  - bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU
    TLB flushing (XSA-442)
    xsa442.patch
  - bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple
    vulnerabilities in libfsimage disk handling (XSA-443)
    xsa443-01.patch
    xsa443-02.patch
    xsa443-03.patch
    xsa443-04.patch
    xsa443-05.patch
    xsa443-06.patch
    xsa443-07.patch
    xsa443-08.patch
    xsa443-09.patch
    xsa443-10.patch
    xsa443-11.patch
  - bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD:
    Debug Mask handling (XSA-444)
    xsa444-1.patch
    xsa444-2.patch
* Mon Sep 18 2023 carnold@suse.com
  - bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional
    execution leak via division by zero (XSA-439)
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
* Fri Sep 08 2023 carnold@suse.com
  - bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow
    reference dropped too early for 64-bit PV guests (XSA-438)
    xsa438.patch
* Sun Aug 13 2023 ohering@suse.de
  - Handle potential unaligned access to bitmap in
    libxc-sr-restore-hvm-legacy-superpage.patch
    If setting BITS_PER_LONG at once, the initial bit must be aligned
* Thu Aug 10 2023 jbeulich@suse.com
  - bsc#1212684 - xentop fails with long interface name
    64d33a57-libxenstat-Linux-nul-terminate-string.patch
* Tue Aug 08 2023 carnold@suse.com
  - Update to Xen 4.17.2 bug fix release (bsc#1027519)
    xen-4.17.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative
    Return Stack Overflow (XSA-434)
  - bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data
    Sampling (XSA-435)
  - Dropped patches contained in new tarball
    64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
    645dec48-AMD-IOMMU-assert-boolean-enum.patch
    64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
    646b782b-PCI-pci_get_pdev-respect-segment.patch
    647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
    648863fc-AMD-IOMMU-Invalidate-All-check.patch
    64bea1b2-x86-AMD-Zenbleed.patch
* Tue Aug 01 2023 ohering@suse.de
  - Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch
    A bit is an index in bitmap, while bits is the allocated size
    of the bitmap.
* Fri Jul 28 2023 ohering@suse.de
  - Add more debug to libxc-sr-track-migration-time.patch
    This is supposed to help with doing the math in case xl restore
    fails with ERANGE as reported in bug#1209311
* Tue Jul 25 2023 carnold@suse.com
  - bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed
    (XSA-433)
    64bea1b2-x86-AMD-Zenbleed.patch
* Thu Jul 06 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    645dec48-AMD-IOMMU-assert-boolean-enum.patch
    646b782b-PCI-pci_get_pdev-respect-segment.patch
    647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
    648863fc-AMD-IOMMU-Invalidate-All-check.patch
* Mon May 22 2023 carnold@suse.com
  - bsc#1211433 - VUL-0: CVE-2022-42336: xen: Mishandling of guest
    SSBD selection on AMD hardware (XSA-431)
    64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
* Thu May 04 2023 carnold@suse.com
  - bsc#1210570 - gcc-13 realloc use-after-free analysis error
    64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
* Fri Apr 28 2023 carnold@suse.com
  - bsc#1209237 - xen-syms doesn't contain debug-info
    643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch
    643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch
    6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
* Thu Apr 27 2023 carnold@suse.com
  - Update to Xen 4.17.1 bug fix release (bsc#1027519)
    xen-4.17.1-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - Dropped patches contained in new tarball
    63a03b73-VMX-VMExit-based-BusLock-detection.patch
    63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch
    63a03bce-VMX-Notify-VMExit.patch
    63a03e28-x86-high-freq-TSC-overflow.patch
    63c05478-VMX-calculate-model-specific-LBRs-once.patch
    63c05478-VMX-support-CPUs-without-model-specific-LBR.patch
    63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
    63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch
    63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch
    63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
    63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch
    63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch
    640f3035-x86-altp2m-help-gcc13.patch
    641041e8-VT-d-constrain-IGD-check.patch
    64104238-bunzip-gcc13.patch
    6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch
    64199e0c-x86-shadow-account-for-log-dirty-mode.patch
    64199e0d-x86-HVM-bound-number-of-pca-regions.patch
    64199e0e-x86-HVM-serialize-pca-list-manipulation.patch
    64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch
    libxl.fix-guest-kexec-skip-cpuid-policy.patch
    xsa430.patch
* Tue Apr 11 2023 carnold@suse.com
  - bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging
    arbitrary pointer dereference (XSA-430)
    xsa430.patch
* Fri Mar 31 2023 carnold@suse.com
  - Not building the shim is correctly handled by --disable-pvshim
    Drop disable-building-pv-shim.patch
* Thu Mar 23 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63a03b73-VMX-VMExit-based-BusLock-detection.patch
    63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch
    63a03bce-VMX-Notify-VMExit.patch
    63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch
    63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch
    63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch
    63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch
    641041e8-VT-d-constrain-IGD-check.patch
    6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch
  - Use "proper" upstream backports:
    640f3035-x86-altp2m-help-gcc13.patch
    64104238-bunzip-gcc13.patch
    64199e0c-x86-shadow-account-for-log-dirty-mode.patch
    64199e0d-x86-HVM-bound-number-of-pca-regions.patch
    64199e0e-x86-HVM-serialize-pca-list-manipulation.patch
    64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch
  - ... in place of:
    bunzip-gcc13.patch
    altp2m-gcc13.patch
    xsa427.patch
    xsa428-1.patch
    xsa428-2.patch
    xsa429.patch
* Thu Mar 16 2023 ohering@suse.de
  - bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs
    libxl.fix-guest-kexec-skip-cpuid-policy.patch
* Tue Mar 07 2023 carnold@suse.com
  - bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus
    log-dirty mode use-after-free (XSA-427)
    xsa427.patch
  - bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM
    pinned cache attributes mis-handling (XSA-428)
    xsa428-1.patch
    xsa428-2.patch
  - bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative
    vulnerability in 32bit SYSCALL path (XSA-429)
    xsa429.patch
* Thu Mar 02 2023 carnold@suse.com
  - bsc#1208736 - GCC 13: xen package fails
    bunzip-gcc13.patch
    altp2m-gcc13.patch
  - Drop gcc13-fixes.patch
* Tue Feb 28 2023 carnold@suse.com
  - bsc#1208736 - GCC 13: xen package fails
    gcc13-fixes.patch
* Wed Feb 15 2023 carnold@suse.com
  - bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return
    Address Predictions (XSA-426)
    63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
* Thu Feb 09 2023 carnold@suse.com
  - bsc#1205792 - Partner-L3: launch-xenstore error messages show in
    SLES15 SP4 xen kernel.
    63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
* Mon Feb 06 2023 jbeulich@suse.com
  - bsc#1026236 - tidy/modernize patch
    xen.bug1026236.suse_vtsc_tolerance.patch
* Mon Feb 06 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63c05478-VMX-calculate-model-specific-LBRs-once.patch
    63c05478-VMX-support-CPUs-without-model-specific-LBR.patch
  - bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
    Xenstore crash via soft reset (XSA-425)
    xsa425.patch ->
    63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
* Wed Jan 25 2023 carnold@suse.com
  - bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
    Xenstore crash via soft reset (XSA-425)
    xsa425.patch
* Tue Jan 03 2023 Stefan Schubert <schubi@suse.com>
  - Migration of PAM settings to /usr/lib/pam.d.
* Tue Dec 20 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63a03e28-x86-high-freq-TSC-overflow.patch
* Thu Dec 08 2022 carnold@suse.com
  - Update to Xen 4.17.0 FCS release (jsc#PED-1858)
    xen-4.17.0-testing-src.tar.bz2
    * On x86 "vga=current" can now be used together with GrUB2's gfxpayload setting. Note that
      this requires use of "multiboot2" (and "module2") as the GrUB commands loading Xen.
    * The "gnttab" option now has a new command line sub-option for disabling the
      GNTTABOP_transfer functionality.
    * The x86 MCE command line option info is now updated.
    * Out-of-tree builds for the hypervisor now supported.
    * __ro_after_init support, for marking data as immutable after boot.
    * The project has officially adopted 4 directives and 24 rules of MISRA-C,
      added MISRA-C checker build integration, and defined how to document
      deviations.
    * IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones
      when they don't share page tables with the CPU (HAP / EPT / NPT).
    * Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD.
    * Improved TSC, CPU, and APIC clock frequency calibration on x86.
    * Support for Xen using x86 Control Flow Enforcement technology for its own
      protection. Both Shadow Stacks (ROP protection) and Indirect Branch
      Tracking (COP/JOP protection).
    * Add mwait-idle support for SPR and ADL on x86.
    * Extend security support for hosts to 12 TiB of memory on x86.
    * Add command line option to set cpuid parameters for dom0 at boot time on x86.
    * Improved static configuration options on Arm.
    * cpupools can be specified at boot using device tree on Arm.
    * It is possible to use PV drivers with dom0less guests, allowing statically
      booted dom0less guests with PV devices.
    * On Arm, p2m structures are now allocated out of a pool of memory set aside at
      domain creation.
    * Improved mitigations against Spectre-BHB on Arm.
    * Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm.
    * Allow setting the number of CPUs to activate at runtime from command line
      option on Arm.
    * Grant-table support on Arm was improved and hardened by implementing
      "simplified M2P-like approach for the xenheap pages"
    * Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm.
    * Add i.MX lpuart and i.MX8QM support on Arm.
    * Improved toolstack build system.
    * Add Xue - console over USB 3 Debug Capability.
    * gitlab-ci automation: Fixes and improvements together with new tests.
    * dropped support for the (x86-only) "vesa-mtrr" and "vesa-remap" command line options
  - Drop patches contained in new tarball or invalid
    62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
    xsa410-01.patch
    xsa410-02.patch
    xsa410-03.patch
    xsa410-04.patch
    xsa410-05.patch
    xsa410-06.patch
    xsa410-07.patch
    xsa410-08.patch
    xsa410-09.patch
    xsa410-10.patch
    xsa411.patch
* Wed Sep 28 2022 carnold@suse.com
  - bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
    take excessively long (XSA-410)
    xsa410-01.patch
    xsa410-02.patch
    xsa410-03.patch
    xsa410-04.patch
    xsa410-05.patch
    xsa410-06.patch
    xsa410-07.patch
    xsa410-08.patch
    xsa410-09.patch
    xsa410-10.patch
  - bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
    transitive grant copy handling (XSA-411)
    xsa411.patch
* Wed Aug 31 2022 Stefan Schubert <schubi@suse.com>
  - Migration to /usr/etc: Saving user changed configuration files
    in /etc and restoring them while an RPM update.
* Mon Aug 29 2022 carnold@suse.com
  - bsc#1201994 - Xen DomU unable to emulate audio device
    62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
* Tue Aug 23 2022 carnold@suse.com
  - Things are compiling fine now with gcc12.
    Drop gcc12-fixes.patch
* Thu Aug 18 2022 carnold@suse.com
  - Update to Xen 4.16.2 bug fix release (bsc#1027519)
    xen-4.16.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - Drop patches contained in new tarball
    625fca42-VT-d-reserved-CAP-ND.patch
    626f7ee8-x86-MSR-handle-P5-MC-reads.patch
    627549d6-IO-shutdown-race.patch
    62a1e594-x86-clean-up-_get_page_type.patch
    62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
    62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
    62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
    62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
    62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
    62a1e649-x86-track-and-flush-non-coherent.patch
    62a99614-IOMMU-x86-gcc12.patch
    62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
    62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
    62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
    62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
    62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
    62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
    62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
    62cc31ee-cmdline-extend-parse_boolean.patch
    62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
    62cd91d0-x86-spec-ctrl-rework-context-switching.patch
    62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
    62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
    62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
    62cd91d5-x86-cpuid-BTC_NO-enum.patch
    62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
    62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
    xsa408.patch
* Thu Jul 28 2022 ohering@suse.de
  - bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels
    A previous change to the built-in default had a logic error,
    effectively restoring the upstream limit of 1023 channels per domU.
    Fix the logic to calculate the default based on the number of vcpus.
    adjust libxl.max_event_channels.patch
* Wed Jul 13 2022 carnold@suse.com
  - Added --disable-pvshim when running configure in xen.spec.
    We have never shipped the shim and don't need to build it.
* Wed Jul 13 2022 jbeulich@suse.com
  - bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition
    in typeref acquisition
    62a1e594-x86-clean-up-_get_page_type.patch
    62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
  - bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
    62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
    62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
    62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
    62a1e649-x86-track-and-flush-non-coherent.patch
  - bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166:
    xen: x86: MMIO Stale Data vulnerabilities (XSA-404)
    62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
    62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
    62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
  - bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900:
    xen: retbleed - arbitrary speculative code execution with return
    instructions (XSA-407)
    62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
    62cc31ee-cmdline-extend-parse_boolean.patch
    62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
    62cd91d0-x86-spec-ctrl-rework-context-switching.patch
    62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
    62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
    62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
    62cd91d5-x86-cpuid-BTC_NO-enum.patch
    62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
    62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
  - Upstream bug fixes (bsc#1027519)
    62a99614-IOMMU-x86-gcc12.patch
    62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
    62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
  - Drop patches replaced by upstream versions
    xsa401-1.patch
    xsa401-2.patch
    xsa402-1.patch
    xsa402-2.patch
    xsa402-3.patch
    xsa402-4.patch
    xsa402-5.patch
* Tue Jul 12 2022 carnold@suse.com
  - bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush
    for x86 PV guests in shadow mode (XSA-408)
    xsa408.patch
  - Fix gcc13 compilation error
    62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
* Tue Jun 28 2022 Stefan Schubert <schubi@suse.com>
  - Moved logrotate files from user specific directory /etc/logrotate.d
    to vendor specific directory /usr/etc/logrotate.d.
* Wed Jun 08 2022 jbeulich@suse.com
  - bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    fix xsa402-5.patch
* Tue May 31 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    625fca42-VT-d-reserved-CAP-ND.patch
    626f7ee8-x86-MSR-handle-P5-MC-reads.patch
    627549d6-IO-shutdown-race.patch
  - bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition
    in typeref acquisition
    xsa401-1.patch
    xsa401-2.patch
  - bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    xsa402-1.patch
    xsa402-2.patch
    xsa402-3.patch
    xsa402-4.patch
    xsa402-5.patch
* Tue May 10 2022 Dirk Müller <dmueller@suse.com>
  - fix python3 >= 3.10 version detection
* Wed Apr 13 2022 carnold@suse.com
  - Update to Xen 4.16.1 bug fix release (bsc#1027519)
    xen-4.16.1-testing-src.tar.bz2
  - Drop patches contained in new tarball
    61b31d5c-x86-restrict-all-but-self-IPI.patch
    61b88e78-x86-CPUID-TSXLDTRK-definition.patch
    61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
    61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
    61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
    61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
    61e0296a-x86-time-calibration-relative-counts.patch
    61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
    61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
    61e98e88-x86-introduce-get-set-reg-infra.patch
    61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
    61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
    61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
    61eaaa23-x86-get-set-reg-infra-build.patch
    61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
    61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
    61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
    61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
    61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
    61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
    61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
    61f933a4-x86-cpuid-advertise-SSB_NO.patch
    61f933a5-x86-drop-use_spec_ctrl-boolean.patch
    61f933a6-x86-new-has_spec_ctrl-boolean.patch
    61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
    61f933a8-x86-SPEC_CTRL-record-last-write.patch
    61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
    61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
    61f933ab-x86-AMD-SPEC_CTRL-infra.patch
    61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
    61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
    6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
    6202afa4-x86-TSX-move-has_rtm_always_abort.patch
    6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
    6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
    6202afa8-x86-Intel-PSFD-for-guests.patch
    62278667-Arm-introduce-new-processors.patch
    62278668-Arm-move-errata-CSV2-check-earlier.patch
    62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
    6227866a-Arm-Spectre-BHB-handling.patch
    6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
    6227866c-x86-AMD-cease-using-thunk-lfence.patch
    6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
    624ebcef-VT-d-dont-needlessly-look-up-DID.patch
    624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
    624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
    xsa397.patch
    xsa399.patch
    xsa400-01.patch
    xsa400-02.patch
    xsa400-03.patch
    xsa400-04.patch
    xsa400-05.patch
    xsa400-06.patch
    xsa400-07.patch
    xsa400-08.patch
    xsa400-09.patch
    xsa400-10.patch
    xsa400-11.patch
    xsa400-12.patch
* Fri Apr 08 2022 jbeulich@suse.com
  - bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
    CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
    map (AMD-Vi) handling issues (XSA-400)
    624ebcef-VT-d-dont-needlessly-look-up-DID.patch
    624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
    624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
* Mon Apr 04 2022 carnold@suse.com
  - bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions
    between dirty vram tracking and paging log dirty hypercalls
    (XSA-397)
    xsa397.patch
  - bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID
    cleanup (XSA-399)
    xsa399.patch
  - bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
    CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
    map (AMD-Vi) handling issues (XSA-400)
    xsa400-01.patch
    xsa400-02.patch
    xsa400-03.patch
    xsa400-04.patch
    xsa400-05.patch
    xsa400-06.patch
    xsa400-07.patch
    xsa400-08.patch
    xsa400-09.patch
    xsa400-10.patch
    xsa400-11.patch
    xsa400-12.patch
  - Additional upstream bug fixes for XSA-400 (bsc#1027519)
    61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
    61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
    6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
* Mon Mar 14 2022 jbeulich@suse.com
  - bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401:
    xen: BHB speculation issues (XSA-398)
    62278667-Arm-introduce-new-processors.patch
    62278668-Arm-move-errata-CSV2-check-earlier.patch
    62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
    6227866a-Arm-Spectre-BHB-handling.patch
    6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
    6227866c-x86-AMD-cease-using-thunk-lfence.patch
* Thu Mar 03 2022 carnold@suse.com
  - bsc#1196545 - GCC 12: xen package fails
    gcc12-fixes.patch
* Mon Feb 14 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    61e0296a-x86-time-calibration-relative-counts.patch
    61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
    61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
    61e98e88-x86-introduce-get-set-reg-infra.patch
    61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
    61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
    61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
    61eaaa23-x86-get-set-reg-infra-build.patch
    61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
    61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
    61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
    61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
    61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
    61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
    61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
    61f933a4-x86-cpuid-advertise-SSB_NO.patch
    61f933a5-x86-drop-use_spec_ctrl-boolean.patch
    61f933a6-x86-new-has_spec_ctrl-boolean.patch
    61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
    61f933a8-x86-SPEC_CTRL-record-last-write.patch
    61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
    61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
    61f933ab-x86-AMD-SPEC_CTRL-infra.patch
    61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
    61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
    6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
    6202afa4-x86-TSX-move-has_rtm_always_abort.patch
    6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
    6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
    6202afa8-x86-Intel-PSFD-for-guests.patch
  - Drop patches replaced by the above:
    xsa393.patch
    xsa394.patch
    xsa395.patch
    libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
    libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
    libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Thu Jan 13 2022 carnold@suse.com
  - bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm:
    guest_physmap_remove_page not removing the p2m mappings (XSA-393)
    xsa393.patch
  - bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS
    Xen while unmapping a grant (XSA-394)
    xsa394.patch
  - bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of
    passed-through device IRQs (XSA-395)
    xsa395.patch
* Wed Jan 12 2022 carnold@suse.com
  - bsc#1191668 - L3: issue around xl and virsh operation - virsh
    list not giving any output (see also bsc#1194267)
    libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
    libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Tue Jan 11 2022 carnold@suse.com
  - bsc#1193307 - pci backend does not exist when attach a vf to a pv
    guest
    libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
    Drop libxl-PCI-defer-backend-wait.patch
* Thu Jan 06 2022 jbeulich@suse.com
  - bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains
    an sriov device
    61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
  - Upstream bug fixes (bsc#1027519)
    61b31d5c-x86-restrict-all-but-self-IPI.patch
    61b88e78-x86-CPUID-TSXLDTRK-definition.patch
    61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
* Tue Jan 04 2022 James Fehlig <jfehlig@suse.com>
  - Collect active VM config files in the supportconfig plugin
    xen-supportconfig
* Thu Dec 09 2021 carnold@suse.com
  - bsc#1193307 - pci backend does not exist when attach a vf to a pv
    guest
    libxl-PCI-defer-backend-wait.patch
* Wed Dec 01 2021 carnold@suse.com
  - Update to Xen 4.16.0 FCS release
    xen-4.16.0-testing-src.tar.bz2
    * Miscellaneous fixes to the TPM manager software in preparation
      for TPM 2.0 support.
    * Increased reliance on the PV shim as 32-bit PV guests will only
      be supported in shim mode going forward. This change reduces
      the attack surface in the hypervisor.
    * Increased hardware support by allowing Xen to boot on Intel
      devices that lack a Programmable Interval Timer.
    * Cleanup of legacy components by no longer building QEMU
      Traditional or PV-Grub by default. Note both projects have
      upstream Xen support merged now, so it is no longer recommended
      to use the Xen specific forks.
    * Initial support for guest virtualized Performance Monitor
      Counters on Arm.
    * Improved support for dom0less mode by allowing the usage on
      Arm 64bit hardware with EFI firmware.
    * Improved support for Arm 64-bit heterogeneous systems by
      leveling the CPU features across all to improve big.LITTLE
      support.
* Wed Nov 17 2021 carnold@suse.com
  - Update to Xen 4.16.0 RC3 release
    xen-4.16.0-testing-src.tar.bz2
  - Drop iPXE sources and patches. iPXE is only used by QEMU
    traditional which has never shipped with SLE15.
    ipxe.tar.bz2
    ipxe-enable-nics.patch
    ipxe-no-error-logical-not-parentheses.patch
    ipxe-use-rpm-opt-flags.patch
  - Drop building ocaml xenstored in the spec file. There are no
    plans or need to support this version.
* Mon Nov 08 2021 carnold@suse.com
  - Update to Xen 4.16.0 RC2 release
    xen-4.16.0-testing-src.tar.bz2
  - Modified files
    ipxe-use-rpm-opt-flags.patch
    ipxe.tar.bz2 (new version)
* Mon Nov 01 2021 carnold@suse.com
  - Update to Xen 4.16.0 RC1 release
    xen-4.16.0-testing-src.tar.bz2
  - Drop patches contained in new tarball or invalid
    615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch
    libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch
    libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch
    libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch
    libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch
    xenstore-launch.patch
* Wed Oct 06 2021 carnold@suse.com
  - bsc#1191363 - VUL-0: CVE-2021-28702: xen: PCI devices with RMRRs
    not deassigned correctly (XSA-386)
    615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch
* Mon Sep 13 2021 jbeulich@suse.com
  - Revert "Simplify %autosetup".
* Fri Sep 10 2021 carnold@suse.com
  - Update to Xen 4.15.1 bug fix release
    xen-4.15.1-testing-src.tar.bz2
  - Drop patches contained in new tarball
    60631c38-VT-d-QI-restore-flush-hooks.patch
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
    60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
    608676f2-VT-d-register-based-invalidation-optional.patch
    60a27288-x86emul-gas-2-36-test-harness-build.patch
    60af933d-x86-gcc11-hypervisor-build.patch
    60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
    60afe617-x86-TSX-minor-cleanup-and-improvements.patch
    60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
    60be0e24-credit2-pick-runnable-unit.patch
    60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
    60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
    60bf9e19-Arm-create-dom0less-domUs-earlier.patch
    60bf9e1a-Arm-boot-modules-scrubbing.patch
    60bf9e1b-VT-d-size-qinval-queue-dynamically.patch
    60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch
    60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch
    60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch
    60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch
    60bfa904-AMD-IOMMU-wait-for-command-slot.patch
    60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch
    60c0bf86-x86-TSX-cope-with-deprecation.patch
    60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
    60c8de6e-osdep_xenforeignmemory_map-prototype.patch
    60d49689-VT-d-undo-device-mappings-upon-error.patch
    60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
    60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
    60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
    60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
    libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
    libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
    libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
    libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
    libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
    libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
    libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
    libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
    libxl-qemu6-vnc-password.patch
    libxl-qemu6-scsi.patch
* Mon Aug 30 2021 ohering@suse.de
  - bsc#1189882 - refresh libxc-sr-restore-hvm-legacy-superpage.patch
    prevent superpage allocation in the LAPIC and ACPI_INFO range
* Wed Aug 04 2021 carnold@suse.com
  - Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.
* Mon Jul 26 2021 ohering@suse.de
  - Simplify %autosetup
* Fri Jul 23 2021 ohering@suse.de
  - refresh the migration patches to state v20210713
    removed libxc-sr-add-xc_is_known_page_type.patch
    removed libxc-sr-arrays.patch
    removed libxc-sr-batch_pfns.patch
    removed libxc-sr-page_type_has_stream_data.patch
    removed libxc-sr-use-xc_is_known_page_type.patch
    removed libxc.migrate_tracking.patch
    removed libxc.sr.superpage.patch
    removed libxl.set-migration-constraints-from-cmdline.patch
    added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch
    added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch
    added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch
    added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch
    added libxc-sr-abort_if_busy.patch
    added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch
    added libxc-sr-max_iters.patch
    added libxc-sr-min_remaining.patch
    added libxc-sr-number-of-iterations.patch
    added libxc-sr-precopy_policy.patch
    added libxc-sr-restore-hvm-legacy-superpage.patch
    added libxc-sr-track-migration-time.patch
    added libxc-sr-xg_sr_bitmap-populated_pfns.patch
    added libxc-sr-xg_sr_bitmap.patch
    added libxc-sr-xl-migration-debug.patch
* Thu Jul 22 2021 James Fehlig <jfehlig@suse.com>
  - spec: Change the '--with-system-ovmf' configure option to use
    the new Xen-specific ovmf firmware. The traditional, unified
    firmwares will no longer support multi-VMM. For more information
    https://bugzilla.tianocore.org/show_bug.cgi?id=1689
    https://bugzilla.tianocore.org/show_bug.cgi?id=2122
* Wed Jul 21 2021 ohering@suse.de
  - bsc#1176189 - xl monitoring process exits during xl save -p|-c
    keep the monitoring process running to cleanup the domU during shutdown
    xl-save-pc.patch
* Tue Jul 13 2021 jbeulich@suse.com
  - bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
    60be0e24-credit2-pick-runnable-unit.patch
    60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
  - Upstream bug fixes (bsc#1027519)
    60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
    60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
    60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
    60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
    60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
    60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
    60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
    60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
    60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
    60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
    60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
    60c8de6e-osdep_xenforeignmemory_map-prototype.patch
    60d49689-VT-d-undo-device-mappings-upon-error.patch
    60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
    60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
    60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
    60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
  - Dropped gcc11-fixes.patch
* Tue Jun 29 2021 ohering@suse.de
  - bsc#1180350 - some long deprecated commands were finally removed
    in qemu6. Adjust libxl to use supported commands.
    libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
    libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
    libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
    libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
    libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
    libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
    libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
    libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
    libxl-qemu6-vnc-password.patch
    libxl-qemu6-scsi.patch
* Tue Jun 22 2021 ohering@suse.de
  - Update logrotate.conf, move global options into per-file sections
    to prevent globbering of global state (bsc#1187406)
* Mon Jun 07 2021 ohering@suse.de
  - Fix shell macro expansion in xen.spec, so that ExecStart=
    in xendomains-wait-disks.service is created correctly (bsc#1183877)
* Mon May 31 2021 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    60631c38-VT-d-QI-restore-flush-hooks.patch
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
    60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
    608676f2-VT-d-register-based-invalidation-optional.patch
    60a27288-x86emul-gas-2-36-test-harness-build.patch
    60af933d-x86-gcc11-hypervisor-build.patch
    60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
    60afe617-x86-TSX-minor-cleanup-and-improvements.patch
    60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
  - Embargoed security fixes
    xsa372-1.patch
    xsa372-2.patch
    xsa373-1.patch
    xsa373-2.patch
    xsa373-3.patch
    xsa373-4.patch
    xsa373-5.patch
    xsa375.patch
    xsa377.patch
  - Embargoed non-security fix
    x86-TSX-cope-with-deprecation.patch
* Mon May 31 2021 jbeulich@suse.com
  - x86-cpufreq-report.patch: Drop. We haven't had a kernel understanding
    this custom extension for quite some time.
* Tue May 04 2021 ohering@suse.de
  - Add xen.sysconfig-fillup.patch to make sure xencommons is in a
    format as expected by fillup. (bsc#1185682)
    Each comment needs to be followed by an enabled key. Otherwise
    fillup will remove manually enabled key=value pairs, along with
    everything that looks like a stale comment, during next pkg update
* Tue May 04 2021 ohering@suse.de
  - Remove init.xen_loop and /etc/modprobe.d/xen_loop.conf
    The number of loop devices is unlimited since a while
* Tue Apr 27 2021 ohering@suse.de
  - Refresh xenstore-launch.patch to cover also daemon case
* Wed Apr 21 2021 carnold@suse.com
  - Now that SOURCE_DATE_EPOCH is defined and Xen Makefile uses it,
    drop reproducible.patch
* Tue Apr 20 2021 carnold@suse.com
  - Update to Xen 4.15.0 FCS release
    xen-4.15.0-testing-src.tar.bz2
    * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0.
    * Xen now supports Viridian enlightenments for guests with more than 64 vcpus.
    * Xenstored and oxenstored both now support LiveUpdate (tech preview).
    * Unified boot images
    * Switched x86 MSR accesses to deny by default policy.
    * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format.
    * Support for zstd-compressed dom0 (x86) and domU kernels.
    * Reduce ACPI verbosity by default.
    * Add ucode=allow-same option to test late microcode loading path.
    * Library improvements from NetBSD ports upstreamed.
    * x86: Allow domains to use AVX-VNNI instructions.
    * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts.
    * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend.
    * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging.
    * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests.
  - Dropped patches contained in new tarball
    5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch
    5fedf9f4-x86-hpet_setup-fix-retval.patch
    5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
    5ff71655-x86-dpci-EOI-regardless-of-masking.patch
    5ffc58c4-ACPI-reduce-verbosity-by-default.patch
    5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
    600999ad-x86-dpci-do-not-remove-pirqs-from.patch
    600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
    6011bbc7-x86-timer-fix-boot-without-PIT.patch
    6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
    6013e546-x86-HVM-reorder-domain-init-error-path.patch
    601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
    602bd768-page_alloc-only-flush-after-scrubbing.patch
    602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
    602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
    602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
    602ffae9-tools-libs-light-fix-xl-save--c-handling.patch
    6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
    60410127-gcc11-adjust-rijndaelEncrypt.patch
    60422428-x86-shadow-avoid-fast-fault-path.patch
    604b9070-VT-d-disable-QI-IR-before-init.patch
    60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch)
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
    libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
    libxc-bitmap-longs.patch
    libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch
    libxl.fix-libacpi-dependency.patch
    stubdom-have-iovec.patch
    xenwatchdogd-options.patch
* Mon Apr 19 2021 carnold@suse.com
  - bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
  - Upstream bug fixes (bsc#1027519)
    60410127-gcc11-adjust-rijndaelEncrypt.patch
    60422428-x86-shadow-avoid-fast-fault-path.patch
    604b9070-VT-d-disable-QI-IR-before-init.patch
    60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch)
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
* Thu Mar 25 2021 ohering@suse.de
  - bsc#1137251 - Restore changes for xen-dom0-modules.service which
    were silently removed on 2019-10-17
* Fri Mar 12 2021 ohering@suse.de
  - bsc#1177112 - Fix libxc.sr.superpage.patch
    The receiving side did detect holes in a to-be-allocated superpage,
    but allocated a superpage anyway. This resulted to over-allocation.
* Mon Mar 08 2021 ohering@suse.de
  - bsc#1167608 - adjust limit for max_event_channels
    A previous change allowed an unbound number of event channels
    to make sure even large domUs can start of of the box.
    This may have a bad side effect in the light of XSA-344.
    Adjust the built-in limit based on the number of vcpus.
    In case this is not enough, max_event_channels=/maxEventChannels=
    has to be used to set the limit as needed for large domUs
    adjust libxl.max_event_channels.patch
* Fri Mar 05 2021 carnold@suse.com
  - bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes
    toolstack (XSA-368). Also resolves,
    bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl
    bsc#1181989 - openQA job causes libvirtd to dump core when
    running kdump inside domain
    xsa368.patch
* Fri Feb 26 2021 jbeulich@suse.com
  - bsc#1177204 - L3-Question: conring size for XEN HV's with huge
    memory to small. Inital Xen logs cut
    5ffc58c4-ACPI-reduce-verbosity-by-default.patch
  - Upstream bug fixes (bsc#1027519)
    601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
    602bd768-page_alloc-only-flush-after-scrubbing.patch
    602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
    602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
    602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
    6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
  - bsc#1181921 - GCC 11: xen package fails
    gcc11-fixes.patch
* Tue Feb 23 2021 carnold@suse.com
  - bsc#1182576 - L3: XEN domU crashed on resume when using the xl
    unpause command
    602ffae9-tools-libs-light-fix-xl-save--c-handling.patch
* Thu Feb 18 2021 carnold@suse.com
  - Start using the %autosetup macro to simplify patch management
    xen.spec
* Wed Feb 10 2021 carnold@suse.com
  - bsc#1181921 - GCC 11: xen package fails
    gcc11-fixes.patch
  - Drop gcc10-fixes.patch
* Tue Feb 02 2021 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5fedf9f4-x86-hpet_setup-fix-retval.patch
    5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
    5ff71655-x86-dpci-EOI-regardless-of-masking.patch
    5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
    600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch)
    600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
    6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
    6013e546-x86-HVM-reorder-domain-init-error-path.patch
  - bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
    6011bbc7-x86-timer-fix-boot-without-PIT.patch
* Thu Jan 21 2021 carnold@suse.com
  - bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360)
    xsa360.patch
* Wed Jan 13 2021 carnold@suse.com
  - bsc#1180794 - bogus qemu binary path used when creating fv guest
    under xen
    xen.spec
* Wed Jan 13 2021 carnold@suse.com
  - bsc#1180690 - L3-Question: xen: no needsreboot flag set
    Add Provides: installhint(reboot-needed) in xen.spec for libzypp
* Mon Jan 04 2021 ohering@suse.de
  - Update libxl.set-migration-constraints-from-cmdline.patch
    Remove code which handled --max_factor. The total amount of
    transferred data is no indicator to trigger the final stop+copy.
    This should have been removed during upgrade to Xen 4.7.
    Fix off-by-one in --max_iters, it caused one additional copy cycle.
    Reduce default value of --max_iters from 5 to 2.
    The workload within domU will continue to produce dirty pages.
    It is unreasonable to expect any slowdown during migration.
    Now there is one initial copy of all memory, one instead of four
    iteration for dirty memory, and a final copy iteration prior move.

Files

/usr/lib64/libxencall.so.1
/usr/lib64/libxencall.so.1.3
/usr/lib64/libxenctrl.so.4.19
/usr/lib64/libxenctrl.so.4.19.0
/usr/lib64/libxendevicemodel.so.1
/usr/lib64/libxendevicemodel.so.1.4
/usr/lib64/libxenevtchn.so.1
/usr/lib64/libxenevtchn.so.1.2
/usr/lib64/libxenforeignmemory.so.1
/usr/lib64/libxenforeignmemory.so.1.4
/usr/lib64/libxenfsimage.so.4.19
/usr/lib64/libxenfsimage.so.4.19.0
/usr/lib64/libxengnttab.so.1
/usr/lib64/libxengnttab.so.1.2
/usr/lib64/libxenguest.so.4.19
/usr/lib64/libxenguest.so.4.19.0
/usr/lib64/libxenhypfs.so.1
/usr/lib64/libxenhypfs.so.1.0
/usr/lib64/libxenlight.so.4.19
/usr/lib64/libxenlight.so.4.19.0
/usr/lib64/libxenstat.so.4.19
/usr/lib64/libxenstat.so.4.19.0
/usr/lib64/libxenstore.so.4
/usr/lib64/libxenstore.so.4.0
/usr/lib64/libxentoolcore.so.1
/usr/lib64/libxentoolcore.so.1.0
/usr/lib64/libxentoollog.so.1
/usr/lib64/libxentoollog.so.1.0
/usr/lib64/libxenvchan.so.4.19
/usr/lib64/libxenvchan.so.4.19.0
/usr/lib64/libxlutil.so.4.19
/usr/lib64/libxlutil.so.4.19.0
/usr/lib64/xenfsimage
/usr/lib64/xenfsimage/ext2fs
/usr/lib64/xenfsimage/ext2fs/fsimage.so
/usr/lib64/xenfsimage/fat
/usr/lib64/xenfsimage/fat/fsimage.so
/usr/lib64/xenfsimage/iso9660
/usr/lib64/xenfsimage/iso9660/fsimage.so
/usr/lib64/xenfsimage/reiserfs
/usr/lib64/xenfsimage/reiserfs/fsimage.so
/usr/lib64/xenfsimage/ufs
/usr/lib64/xenfsimage/ufs/fsimage.so
/usr/lib64/xenfsimage/zfs
/usr/lib64/xenfsimage/zfs/fsimage.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Dec 21 00:31:52 2024