rpms / xen

Clone
Source Code
GIT

Blame xen.spec

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main private-20060208-sct-branch rawhide
  1.   39e256479c3f2a5bae2b58929d6939f51dd5edb4
  2.   xen.spec
Blob History Raw
35aabcb 
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
d486191 
# Build ocaml bits unless rpmbuild was run with --without ocaml
d486191 
# or ocamlopt is missing (the xen makefile doesn't build ocaml bits if it isn't there)
d486191 
%define with_ocaml  %{?_without_ocaml: 0} %{?!_without_ocaml: 1}
d486191 
%define build_ocaml %(test -x %{_bindir}/ocamlopt && echo %{with_ocaml} || echo 0)
a252867 
# build xsm support unless rpmbuild was run with --without xsm
a252867 
# or required packages are missing
a252867 
%define with_xsm  %{?_without_xsm: 0} %{?!_without_xsm: 1}
a252867 
%define build_xsm %(test -x %{_bindir}/checkpolicy && test -x %{_bindir}/m4 && echo %{with_xsm} || echo 0)
c67a8f8 
# cross compile 64-bit hypervisor on ix86 unless rpmbuild was run
c67a8f8 
#	with --without crosshyp
c67a8f8 
%define build_crosshyp %{?_without_crosshyp: 0} %{?!_without_crosshyp: 1}
c67a8f8 
%ifnarch %{ix86}
c67a8f8 
%define build_crosshyp 0
c67a8f8 
%define build_hyp 1
c67a8f8 
%else
c67a8f8 
%if %build_crosshyp
c67a8f8 
%define build_hyp 1
c67a8f8 
%else
c67a8f8 
%define build_hyp 0
c67a8f8 
# no point in trying to build xsm on ix86 without a hypervisor
a252867 
%define build_xsm 0
a252867 
%endif
c67a8f8 
%endif
c9994c1 
# build an efi boot image (where supported) unless rpmbuild was run with
c9994c1 
# --without efi
c9994c1 
%define build_efi %{?_without_efi: 0} %{?!_without_efi: 1}
c9994c1 
# xen only supports efi boot images on x86_64
c9994c1 
%ifnarch x86_64
c9994c1 
%define build_efi 0
c9994c1 
%endif
e933726 
%if "%dist" >= ".fc20"
e933726 
%define with_systemd_presets 1
e933726 
%else
e933726 
%define with_systemd_presets 0
e933726 
%endif
riel bf95569
5d197d9 
# Hypervisor ABI
e2943f8 
%define hv_abi  4.7
e843eee
riel bf95569 
Summary: Xen is a virtual machine monitor
riel bf95569 
Name:    xen
e2943f8 
Version: 4.7.0
39e2564 
Release: 6%{?dist}
riel bf95569 
Group:   Development/Libraries
9b693aa 
License: GPLv2+ and LGPLv2+ and BSD
b93c39f 
URL:     http://xen.org/
6f6eb2a 
Source0: http://bits.xensource.com/oss-xen/release/%{version}/xen-%{version}.tar.gz
b93c39f 
Source2: %{name}.logrotate
4fdf0a2 
# used by stubdoms
4fdf0a2 
Source10: lwip-1.3.0.tar.gz
4fdf0a2 
Source11: newlib-1.16.0.tar.gz
4fdf0a2 
Source12: zlib-1.2.3.tar.gz
4fdf0a2 
Source13: pciutils-2.2.9.tar.bz2
4fdf0a2 
Source14: grub-0.97.tar.gz
a252867 
Source15: polarssl-1.1.4-gpl.tgz
c3dd5cc 
# systemd file for xen driver domain
c3dd5cc 
Source20: xendriverdomain.service
39e2564 
# .config file for xen hypervisor
39e2564 
Source21: xen.hypervisor.config
e2943f8
e2943f8 
Patch1: xen-net-disable-iptables-on-bridge.patch
e2943f8 
Patch2: xen.use.fedora.ipxe.patch
e2943f8 
Patch3: xen.fedora.efi.build.patch
e2943f8 
Patch4: CVE-2014-0150.patch
e2943f8 
Patch5: xen.fedora.systemd.patch
e2943f8 
Patch6: xen.ocaml.selinux.fix.patch
e2943f8 
Patch7: xen.fedora.crypt.patch
e2943f8 
Patch8: qemu.trad.CVE-2015-6815.patch
e2943f8 
Patch9: qemu.trad.CVE-2015-5279.patch
e2943f8 
Patch10: qemu.trad.CVE-2015-5278.patch
e2943f8 
Patch11: qemu.trad.CVE-2015-7295.patch
e2943f8 
Patch12: qemu.git-00837731d254908a841d69298a4f9f077babaf24.patch
e2943f8 
Patch13: qemu.trad.CVE-2015-8345.patch
e2943f8 
Patch14: qemu.trad.CVE-2015-7512.patch
e2943f8 
Patch15: qemu.trad.CVE-2015-8504.patch
e2943f8 
Patch16: qemu.git-43b11a91dd861a946b231b89b754285.patch
e2943f8 
Patch17: qemu.git-d9a3b33d2c9f996537b7f1d0246dee2d0120cefb.patch
e2943f8 
Patch18: qemu.git-a7278b36fcab9af469563bd7b.patch
e2943f8 
Patch19: qemu.git-c6048f849c7e3f009786df76206e895.patch
e2943f8 
Patch20: qemu.trad.CVE-2016-1714.patch
e2943f8 
Patch21: qemu.CVE-2016-1922.patch
e2943f8 
Patch22: qemu.trad.CVE-2016-1981.patch
e2943f8 
Patch23: qemu.CVE-2016-2198.patch
e2943f8 
Patch24: qemu.CVE-2016-2841.patch
e2943f8 
Patch25: qemu.trad.CVE-2016-2841.patch
e2943f8 
Patch26: qemu.CVE-2016-2538.patch
e2943f8 
Patch27: qemu.trad.CVE-2016-2538.patch
e2943f8 
Patch28: qemu.CVE-2016-2392.patch
e2943f8 
Patch29: qemu.CVE-2016-2391.patch
e2943f8 
Patch30: qemu.CVE-2016-2857.patch
e2943f8 
Patch31: qemu.trad.CVE-2016-2857.patch
e2943f8 
Patch32: qemu.git-3a15cc0e1ee7168db0782133d2607a6bfa422d66.patch
e2943f8 
Patch33: qemu.trad.CVE-2016-4001.patch
e2943f8 
Patch34: qemu.CVE-2016-4002.patch
e2943f8 
Patch35: qemu.trad.CVE-2016-4002.patch
e2943f8 
Patch36: qemu.CVE-2016-4037.patch
e2943f8 
Patch37: qemu.bug1330513.patch
e2943f8 
Patch38: qemu.CVE-2016-4439.patch
e2943f8 
Patch39: qemu.trad.CVE-2016-4439.patch
e2943f8 
Patch40: qemu.CVE-2016-4441.patch
e2943f8 
Patch41: qemu.trad.CVE-2016-4441.patch
e2943f8 
Patch42: qemu.CVE-2016-5106.patch
e2943f8 
Patch43: qemu.CVE-2016-5105.patch
e2943f8 
Patch44: qemu.git-3c52ddcdc548e7fbe65112d8a7bdc9cd105b4750.patch
e2943f8 
Patch45: qemu.git-74074e8a7c60592cf1cc6469dbc2550d24aeded3.patch
e2943f8 
Patch46: qemu.git-9f14b0add1dcdbfa2ee61051d068211fb0a1fcc9.patch
e2943f8 
Patch47: qemu.git-60253ed1e6ec6d8e5ef2efe7bf755f475dce9956.patch
e2943f8 
Patch48: qemu.CVE-2016-4454.1.patch
e2943f8 
Patch49: qemu.CVE-2016-4454.2.patch
e2943f8 
Patch50: qemu.CVE-2016-4454.3.patch
e2943f8 
Patch51: qemu.CVE-2016-4453.patch
e2943f8 
Patch52: qemu.CVE-2016-5238.patch
e2943f8 
Patch53: qemu.trad.CVE-2016-5238.patch
e2943f8 
Patch54: qemu.CVE-2016-5338.patch
e2943f8 
Patch55: qemu.trad.CVE-2016-5338.patch
e2943f8 
Patch56: qemu.CVE-2016-5337.patch
e2943f8 
Patch57: xen.xs_watch.stacksize.patch
0e29250 
Patch58: xsa182-unstable.patch
0e29250 
Patch59: xsa183-unstable.patch
57359f7 
Patch60: xsa184-qemut-master.patch
57359f7 
Patch61: xsa184-qemuu-master.patch
57359f7 
Patch62: qemu.git-926cde5f3e4d2504ed161ed0.patch
57359f7 
Patch63: qemu.git-cc96677469388bad3d664793.patch
57359f7 
Patch64: qemu.trad.CVE-2016-6351.patch
eb91793 
Patch65: xen.glibcfix.patch
eb91793 
Patch66: xsa185.patch
eb91793 
Patch67: xsa186-0001-x86-emulate-Correct-boundary-interactions-of-emulate.patch
eb91793 
Patch68: xsa187-4.7-0001-x86-shadow-Avoid-overflowing-sh_ctxt-seg.patch
eb91793 
Patch69: xsa187-4.7-0002-x86-segment-Bounds-check-accesses-to-emulation-ctx.patch
39e2564 
Patch70: qemu.git-fff39a7ad09da07ef490de05c92c91f22f8002f2.patch
39e2564 
Patch71: qemu.git-805b5d98c649d26fc44d2d7755a97f18e62b438a.patch
39e2564 
Patch72: qemu.git-56f101ecce0eafd09e2daf1c4eeb1377d6959261.patch
39e2564 
Patch73: qemu.git-a0d1cbdacff5df4ded16b753b38fdd9da6092968.patch
39e2564 
Patch74: xsa190.patch
b665e43
ff5c4a8
riel bf95569 
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
riel 399577f 
BuildRequires: transfig libidn-devel zlib-devel texi2html SDL-devel curl-devel
c9994c1 
BuildRequires: libX11-devel python-devel ghostscript texlive-latex
9b3fc6f 
%if "%dist" >= ".fc18"
9e2a611 
BuildRequires: texlive-times texlive-courier texlive-helvetic texlive-ntgclass
c9994c1 
%endif
Stephen Tweedie 599e0d6 
BuildRequires: ncurses-devel gtk2-devel libaio-devel
b93c39f 
# for the docs
d1378cc 
BuildRequires: perl perl-generators perl(Pod::Man) perl(Pod::Text) texinfo graphviz
b665e43 
# optional requires for more documentation
cb88c6d 
#BuildRequires: pandoc discount
cb88c6d 
BuildRequires: discount
a252867 
%ifarch %{ix86} x86_64
Stephen Tweedie 1023b64 
# so that x86_64 builds pick up glibc32 correctly
54dc575 
BuildRequires: /usr/include/gnu/stubs-32.h
b93c39f 
# for the VMX "bios"
a1de77a 
BuildRequires: dev86
a1de77a 
%endif
de12dc6 
BuildRequires: gettext
94aa64e 
BuildRequires: gnutls-devel
28b7376 
BuildRequires: openssl-devel
f3a7064 
# For ioemu PCI passthrough
f3a7064 
BuildRequires: pciutils-devel
940f206 
# Several tools now use uuid
940f206 
BuildRequires: libuuid-devel
940f206 
# iasl needed to build hvmloader
940f206 
BuildRequires: iasl
c9994c1 
# build using Fedora seabios and ipxe packages for roms
c9994c1 
BuildRequires: seabios-bin ipxe-roms-qemu
fb6615d 
# modern compressed kernels
fb6615d 
BuildRequires: bzip2-devel xz-devel
bd0a32e 
# libfsimage
bd0a32e 
BuildRequires: e2fsprogs-devel
a252867 
# tools now require yajl and wget
a252867 
BuildRequires: yajl-devel wget
f0ae6d6 
# remus support now needs libnl3
f0ae6d6 
BuildRequires: libnl3-devel
a252867 
%if %with_xsm
a252867 
# xsm policy file needs needs checkpolicy and m4
a252867 
BuildRequires: checkpolicy m4
a252867 
%endif
c67a8f8 
%if %build_crosshyp
c67a8f8 
# cross compiler for building 64-bit hypervisor on ix86
c67a8f8 
BuildRequires: gcc-x86_64-linux-gnu
c67a8f8 
%endif
f8272d2 
Requires: bridge-utils
b1e5b4a 
Requires: python-lxml
b93c39f 
Requires: xen-runtime = %{version}-%{release}
Stephen Tweedie 00956fb 
# Not strictly a dependency, but kpartx is by far the most useful tool right
Stephen Tweedie 00956fb 
# now for accessing domU data from within a dom0 so bring it in when the user
Stephen Tweedie 00956fb 
# installs xen.
Stephen Tweedie 00956fb 
Requires: kpartx
e594e25 
Requires: chkconfig
a252867 
ExclusiveArch: %{ix86} x86_64
a7ec3f3 
#ExclusiveArch: %#{ix86} x86_64 ia64 noarch
d486191 
%if %with_ocaml
d486191 
BuildRequires: ocaml, ocaml-findlib
d486191 
%endif
c9994c1 
# efi image needs an ld that has -mi386pep option
c9994c1 
%if %build_efi
c9994c1 
BuildRequires: mingw64-binutils
c9994c1 
%endif
e933726 
%if %with_systemd_presets
e933726 
Requires(post): systemd
e933726 
Requires(preun): systemd
e933726 
Requires(postun): systemd
e933726 
BuildRequires: systemd
e933726 
%endif
a36066c 
BuildRequires: systemd-devel
riel bf95569
riel bf95569 
%description
b93c39f 
This package contains the XenD daemon and xm command line
b93c39f 
tools, needed to manage virtual machines running under the
b93c39f 
Xen hypervisor
riel bf95569
6329324 
%package libs
6329324 
Summary: Libraries for Xen tools
6329324 
Group: Development/Libraries
6329324 
Requires(pre): /sbin/ldconfig
6329324 
Requires(post): /sbin/ldconfig
c6a6ecc 
Requires: xen-licenses
6329324
6329324 
%description libs
b93c39f 
This package contains the libraries needed to run applications
b93c39f 
which manage Xen virtual machines.
b93c39f
b93c39f
b93c39f 
%package runtime
b93c39f 
Summary: Core Xen runtime environment
b93c39f 
Group: Development/Libraries
b93c39f 
Requires: xen-libs = %{version}-%{release}
f1397f3 
#Requires: /usr/bin/qemu-img /usr/bin/qemu-nbd
f1397f3 
Requires: /usr/bin/qemu-img
b93c39f 
# Ensure we at least have a suitable kernel installed, though we can't
b93c39f 
# force user to actually boot it.
b93c39f 
Requires: xen-hypervisor-abi = %{hv_abi}
b93c39f
b93c39f 
%description runtime
b93c39f 
This package contains the runtime programs and daemons which
b93c39f 
form the core Xen userspace environment.
b93c39f
6329324
e843eee 
%package hypervisor
e843eee 
Summary: Libraries for Xen tools
e843eee 
Group: Development/Libraries
e843eee 
Provides: xen-hypervisor-abi = %{hv_abi}
c6a6ecc 
Requires: xen-licenses
e843eee
e843eee 
%description hypervisor
e843eee 
This package contains the Xen hypervisor
befec2e
befec2e
befec2e 
%package doc
befec2e 
Summary: Xen documentation
b68532d 
Group: Documentation
48a1ef6 
#BuildArch: noarch
c6a6ecc 
Requires: xen-licenses
befec2e
befec2e 
%description doc
befec2e 
This package contains the Xen documentation.
befec2e
e843eee
6329324 
%package devel
6329324 
Summary: Development libraries for Xen tools
6329324 
Group: Development/Libraries
6329324 
Requires: xen-libs = %{version}-%{release}
09cb75b 
Requires: libuuid-devel
6329324
6329324 
%description devel
b93c39f 
This package contains what's needed to develop applications
b93c39f 
which manage Xen virtual machines.
6329324
befec2e
c6a6ecc 
%package licenses
c6a6ecc 
Summary: License files from Xen source
c6a6ecc 
Group: Documentation
c6a6ecc
c6a6ecc 
%description licenses
c6a6ecc 
This package contains the license files from the source used
c6a6ecc 
to build the xen packages.
c6a6ecc
c6a6ecc
d486191 
%if %build_ocaml
d486191 
%package ocaml
d486191 
Summary: Ocaml libraries for Xen tools
d486191 
Group: Development/Libraries
d486191 
Requires: ocaml-runtime, xen-libs = %{version}-%{release}
d486191
d486191 
%description ocaml
d486191 
This package contains libraries for ocaml tools to manage Xen
d486191 
virtual machines.
d486191
d486191
d486191 
%package ocaml-devel
d486191 
Summary: Ocaml development libraries for Xen tools
d486191 
Group: Development/Libraries
d486191 
Requires: xen-ocaml = %{version}-%{release}
d486191
d486191 
%description ocaml-devel
d486191 
This package contains libraries for developing ocaml tools to
d486191 
manage Xen virtual machines.
d486191 
%endif
d486191
d486191
riel bf95569 
%prep
befec2e 
%setup -q
e2943f8 
%patch1 -p1
e2943f8 
%patch2 -p1
e2943f8 
%patch3 -p1
e2943f8 
%patch4 -p1
befec2e 
%patch5 -p1
e2943f8 
%patch6 -p1
e2943f8 
%patch7 -p1
e2943f8 
%patch8 -p1
e2943f8 
%patch9 -p1
e2943f8 
%patch10 -p1
a252867 
%patch11 -p1
a252867 
%patch12 -p1
a252867 
%patch13 -p1
a36066c 
%patch14 -p1
a252867 
%patch15 -p1
a36066c 
%patch16 -p1
a252867 
%patch17 -p1
a252867 
%patch18 -p1
e2943f8 
%patch19 -p1
a252867 
%patch20 -p1
3913e55 
%patch21 -p1
3913e55 
%patch22 -p1
c3d931e 
%patch23 -p1
f0ae6d6 
%patch24 -p1
7f80525 
%patch25 -p1
7f80525 
%patch26 -p1
7f80525 
%patch27 -p1
7f80525 
%patch28 -p1
7f80525 
%patch29 -p1
e2943f8 
%patch30 -p1
e2943f8 
%patch31 -p1
e2943f8 
%patch32 -p1
e2943f8 
%patch33 -p1
e2943f8 
%patch34 -p1
e2943f8 
%patch35 -p1
e2943f8 
%patch36 -p1
e2943f8 
%patch37 -p1
e2943f8 
%patch38 -p1
e2943f8 
%patch39 -p1
e2943f8 
%patch40 -p1
e2943f8 
%patch41 -p1
e2943f8 
%patch42 -p1
e2943f8 
%patch43 -p1
e2943f8 
%patch44 -p1
e2943f8 
%patch45 -p1
34cdd53 
%patch46 -p1
e2943f8 
%patch47 -p1
e2943f8 
%patch48 -p1
34cdd53 
%patch49 -p1
34cdd53 
%patch50 -p1
34cdd53 
%patch51 -p1
e2943f8 
%patch52 -p1
e2943f8 
%patch53 -p1
e2943f8 
%patch54 -p1
e2943f8 
%patch55 -p1
e2943f8 
%patch56 -p1
e2943f8 
%patch57 -p1
0e29250 
%patch58 -p1
0e29250 
%patch59 -p1
eb91793 
%patch65 -p1
eb91793 
%patch66 -p1
eb91793 
%patch67 -p1
eb91793 
%patch68 -p1
eb91793 
%patch69 -p1
39e2564 
%patch74 -p1
d0c6dbb
57359f7 
# qemu-xen-traditional patches
57359f7 
pushd tools/qemu-xen-traditional
57359f7 
%patch60 -p1
57359f7 
%patch64 -p1
57359f7 
popd
57359f7
57359f7 
# qemu-xen patches
57359f7 
pushd tools/qemu-xen
57359f7 
%patch61 -p1
57359f7 
%patch62 -p1
57359f7 
%patch63 -p1
39e2564 
%patch70 -p1
39e2564 
%patch71 -p1
39e2564 
%patch72 -p1
39e2564 
%patch73 -p1
57359f7 
popd
57359f7
4fdf0a2 
# stubdom sources
a252867 
cp -v %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} stubdom
39e2564 
# copy xen hypervisor .config file to change settings
39e2564 
cp -v %{SOURCE21} xen/.config
4fdf0a2
befec2e
riel bf95569 
%build
d486191 
%if !%build_ocaml
d486191 
%define ocaml_flags OCAML_TOOLS=n
d486191 
%endif
c9994c1 
%if %build_efi
c9994c1 
%define efi_flags LD_EFI=/usr/x86_64-w64-mingw32/bin/ld
c9994c1 
mkdir -p dist/install/boot/efi/efi/fedora
c9994c1 
%endif
0645ea4 
%if %(test -f /usr/share/seabios/bios-256k.bin && echo 1|| echo 0)
0645ea4 
%define seabiosloc /usr/share/seabios/bios-256k.bin
0645ea4 
%else
0645ea4 
%define seabiosloc /usr/share/seabios/bios.bin
0645ea4 
%endif
befec2e 
export XEN_VENDORVERSION="-%{release}"
e2943f8 
export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS"
e2943f8 
export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS"
e2943f8 
export EXTRA_CFLAGS_QEMU_XEN="$RPM_OPT_FLAGS"
e2943f8 
%if %build_crosshyp
e2943f8 
XEN_TARGET_ARCH=x86_64 make %{?_smp_mflags} %{?efi_flags} prefix=/usr xen CC="/usr/bin/x86_64-linux-gnu-gcc `echo $RPM_OPT_FLAGS | sed -e 's/-m32//g' -e 's/-march=i686//g' -e 's/-mtune=atom//g'`"
e2943f8 
%else
e2943f8 
make %{?_smp_mflags} %{?efi_flags} prefix=/usr xen CC="gcc $RPM_OPT_FLAGS"
e2943f8 
%endif
f37f50b 
./configure --prefix=%{_prefix} --libdir=%{_libdir} --with-system-seabios=%{seabiosloc} --with-system-qemu=/usr/bin/qemu-system-i386 --with-linux-backend-modules="xen-evtchn xen-gntdev xen-gntalloc xen-blkback xen-netback xen-pciback xen-scsiback xen-acpi-processor"
e2943f8 
make %{?_smp_mflags} %{?ocaml_flags} prefix=/usr tools
e2943f8 
make                 prefix=/usr docs
e2943f8 
export RPM_OPT_FLAGS_RED=`echo $RPM_OPT_FLAGS | sed -e 's/-m64//g' -e 's/--param=ssp-buffer-size=4//g' -e's/-fstack-protector-strong//'`
e2943f8 
%ifarch %{ix86}
e2943f8 
export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS_RED"
e2943f8 
%endif
e2943f8 
make mini-os-dir
e2943f8 
make -C stubdom build
e2943f8 
%ifarch x86_64
e2943f8 
export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS_RED"
e2943f8 
XEN_TARGET_ARCH=x86_32 make -C stubdom pv-grub
e2943f8 
%endif
befec2e
riel bf95569
riel bf95569 
%install
riel bf95569 
rm -rf %{buildroot}
d486191 
%if %build_ocaml
d486191 
mkdir -p %{buildroot}%{_libdir}/ocaml/stublibs
d486191 
%endif
c9994c1 
%if %build_efi
c9994c1 
mkdir -p %{buildroot}/boot/efi/efi/fedora
c9994c1 
%endif
e2943f8 
%if %build_crosshyp
e2943f8 
XEN_TARGET_ARCH=x86_64 make DESTDIR=%{buildroot} %{?efi_flags}  prefix=/usr install-xen CC="/usr/bin/x86_64-linux-gnu-gcc"
e2943f8 
%else
c9994c1 
make DESTDIR=%{buildroot} %{?efi_flags}  prefix=/usr install-xen
e2943f8 
%endif
d486191 
make DESTDIR=%{buildroot} %{?ocaml_flags} prefix=/usr install-tools
befec2e 
make DESTDIR=%{buildroot} prefix=/usr install-docs
d486191 
make DESTDIR=%{buildroot} %{?ocaml_flags} prefix=/usr install-stubdom
c9994c1 
%if %build_efi
c9994c1 
mv %{buildroot}/boot/efi/efi %{buildroot}/boot/efi/EFI
c9994c1 
%endif
a252867 
%if %build_xsm
a252867 
# policy file should be in /boot/flask
a252867 
mkdir %{buildroot}/boot/flask
a36066c 
mv %{buildroot}/boot/xenpolicy* %{buildroot}/boot/flask
a252867 
%else
a36066c 
rm -f %{buildroot}/boot/xenpolicy*
a252867 
%endif
e843eee
befec2e 
############ debug packaging: list files ############
6645a82
befec2e 
find %{buildroot} -print | xargs ls -ld | sed -e 's|.*%{buildroot}||' > f1.list
riel f2021d8
befec2e 
############ kill unwanted stuff ############
6645a82
befec2e 
# stubdom: newlib
befec2e 
rm -rf %{buildroot}/usr/*-xen-elf
befec2e
befec2e 
# hypervisor symlinks
940f206 
rm -rf %{buildroot}/boot/xen-4.0.gz
940f206 
rm -rf %{buildroot}/boot/xen-4.gz
c67a8f8 
%if !%build_hyp
a252867 
rm -rf %{buildroot}/boot
a252867 
%endif
493e9c3
48e8217 
# silly doc dir fun
6645a82 
rm -fr %{buildroot}%{_datadir}/doc/xen
6645a82 
rm -rf %{buildroot}%{_datadir}/doc/qemu
48e8217
b93c39f 
# Pointless helper
b93c39f 
rm -f %{buildroot}%{_sbindir}/xen-python-path
9577c07
befec2e 
# qemu stuff (unused or available from upstream)
befec2e 
rm -rf %{buildroot}/usr/share/xen/man
befec2e 
rm -rf %{buildroot}/usr/bin/qemu-*-xen
77513e5 
ln -s qemu-img %{buildroot}/%{_bindir}/qemu-img-xen
befec2e 
ln -s qemu-img %{buildroot}/%{_bindir}/qemu-nbd-xen
befec2e 
for file in bios.bin openbios-sparc32 openbios-sparc64 ppc_rom.bin \
befec2e 
         pxe-e1000.bin pxe-ne2k_pci.bin pxe-pcnet.bin pxe-rtl8139.bin \
befec2e 
         vgabios.bin vgabios-cirrus.bin video.x openbios-ppc bamboo.dtb
77513e5 
do
befec2e 
	rm -f %{buildroot}/%{_datadir}/xen/qemu/$file
77513e5 
done
77513e5
befec2e 
# README's not intended for end users
77513e5 
rm -f %{buildroot}/%{_sysconfdir}/xen/README*
77513e5
223f13c 
# standard gnu info files
223f13c 
rm -rf %{buildroot}/usr/info
223f13c
e594e25 
# adhere to Static Library Packaging Guidelines
e594e25 
rm -rf %{buildroot}/%{_libdir}/*.a
e594e25
c9994c1 
%if %build_efi
c9994c1 
# clean up extra efi files
c9994c1 
rm -rf %{buildroot}/%{_libdir}/efi
c9994c1 
%endif
c9994c1
befec2e 
############ fixup files in /etc ############
befec2e
befec2e 
# logrotate
befec2e 
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d/
befec2e 
install -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
befec2e
befec2e 
# init scripts
f81c8ad 
rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xen-watchdog
f81c8ad 
rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xencommons
b487af7 
rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xendomains
c3dd5cc 
rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xendriverdomain
c3dd5cc
c3dd5cc 
install -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/xendriverdomain.service
940f206
befec2e 
############ create dirs in /var ############
befec2e
befec2e 
mkdir -p %{buildroot}%{_localstatedir}/lib/xen/images
befec2e 
mkdir -p %{buildroot}%{_localstatedir}/log/xen/console
befec2e
e0fffad 
############ create symlink for x86_64 for compatibility with 4.4 ############
e0fffad
e0fffad 
%if "%{_libdir}" != "/usr/lib"
e0fffad 
ln -s /usr/lib/%{name} %{buildroot}/%{_libdir}/%{name}
e0fffad 
%endif
e0fffad
0d68c8d 
############ create symlink to qemu-system-i386 in /usr/bin ############
0d68c8d 
ln -s /usr/bin/qemu-system-i386 %{buildroot}/usr/lib/%{name}/bin/qemu-system-i386
0d68c8d
befec2e 
############ debug packaging: list files ############
befec2e
befec2e 
find %{buildroot} -print | xargs ls -ld | sed -e 's|.*%{buildroot}||' > f2.list
befec2e 
diff -u f1.list f2.list || true
befec2e
c6a6ecc 
############ assemble license files ############
c6a6ecc
c6a6ecc 
mkdir licensedir
c6a6ecc 
# avoid licensedir to avoid recursion, also stubdom/ioemu and dist
c6a6ecc 
# which are copies of files elsewhere
c6a6ecc 
find . -path licensedir -prune -o -path stubdom/ioemu -prune -o \
c6a6ecc 
  -path dist -prune -o -name COPYING -o -name LICENSE | while read file; do
c6a6ecc 
  mkdir -p licensedir/`dirname $file`
c6a6ecc 
  install -m 644 $file licensedir/$file
c6a6ecc 
done
c6a6ecc
befec2e 
############ all done now ############
096de1e
76c40e4 
%post
e933726 
%if %with_systemd_presets
e933726 
%systemd_post xendomains.service
e933726 
%else
a252867 
if [ $1 == 1 ]; then
a252867 
  /bin/systemctl enable xendomains.service
a252867 
fi
05fd902 
%endif
76c40e4
76c40e4 
%preun
e933726 
%if %with_systemd_presets
e933726 
%systemd_preun xendomains.service
e933726 
%else
a252867 
if [ $1 == 0 ]; then
e41a4a2 
/bin/systemctl disable xendomains.service
76c40e4 
fi
e933726 
%endif
e933726
e933726 
%if %with_systemd_presets
e933726 
%postun
e933726 
%systemd_postun
e933726 
%endif
76c40e4
b93c39f 
%post runtime
e933726 
%if %with_systemd_presets
e933726 
%systemd_post xenstored.service xenconsoled.service
e933726 
%else
a252867 
if [ $1 == 1 ]; then
a252867 
  /bin/systemctl enable xenstored.service
a252867 
  /bin/systemctl enable xenconsoled.service
a252867 
fi
f81c8ad 
%endif
b93c39f
b93c39f 
%preun runtime
e933726 
%if %with_systemd_presets
e933726 
%systemd_preun xenstored.service xenconsoled.service
e933726 
%else
a252867 
if [ $1 == 0 ]; then
bc53f7c 
  /bin/systemctl disable xenstored.service
eb73cc6 
  /bin/systemctl disable xenconsoled.service
b93c39f 
fi
e933726 
%endif
e933726
e933726 
%if %with_systemd_presets
e933726 
%postun runtime
e933726 
%systemd_postun
e933726 
%endif
b93c39f
2e5da8c 
%post libs -p /sbin/ldconfig
2e5da8c 
%postun libs -p /sbin/ldconfig
2e5da8c
c67a8f8 
%if %build_hyp
4b8e3c5 
%post hypervisor
f0ae6d6 
if [ $1 == 1 -a -f /sbin/grub2-mkconfig ]; then
f0ae6d6 
  if [ -f /boot/grub2/grub.cfg ]; then
f0ae6d6 
    /sbin/grub2-mkconfig -o /boot/grub2/grub.cfg
f0ae6d6 
  fi
f0ae6d6 
  if [ -f /boot/efi/EFI/fedora/grub.cfg ]; then
f0ae6d6 
    /sbin/grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
f0ae6d6 
  fi
4b8e3c5 
fi
4b8e3c5
4b8e3c5 
%postun hypervisor
f0ae6d6 
if [ -f /sbin/grub2-mkconfig ]; then
f0ae6d6 
  if [ -f /boot/grub2/grub.cfg ]; then
f0ae6d6 
    /sbin/grub2-mkconfig -o /boot/grub2/grub.cfg
f0ae6d6 
  fi
f0ae6d6 
  if [ -f /boot/efi/EFI/fedora/grub.cfg ]; then
f0ae6d6 
    /sbin/grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
f0ae6d6 
  fi
4b8e3c5 
fi
a252867 
%endif
4b8e3c5
3790789 
%if %build_ocaml
9cd22a4 
%post ocaml
e933726 
%if %with_systemd_presets
e933726 
%systemd_post oxenstored.service
e933726 
%else
9cd22a4 
if [ $1 == 1 ]; then
9cd22a4 
  /bin/systemctl enable oxenstored.service
9cd22a4 
fi
9cd22a4 
%endif
9cd22a4
9cd22a4 
%preun ocaml
e933726 
%if %with_systemd_presets
1a8c4a3 
%systemd_preun oxenstored.service
e933726 
%else
9cd22a4 
if [ $1 == 0 ]; then
9cd22a4 
  /bin/systemctl disable oxenstored.service
9cd22a4 
fi
9cd22a4 
%endif
9cd22a4
e933726 
%if %with_systemd_presets
e933726 
%postun ocaml
e933726 
%systemd_postun
e933726 
%endif
e933726 
%endif
e933726
riel bf95569 
%clean
befec2e 
rm -rf %{buildroot}
riel bf95569
b93c39f 
# Base package only contains XenD/xm python stuff
096de1e 
#files -f xen-xm.lang
riel bf95569 
%files
riel bf95569 
%defattr(-,root,root)
riel c78ce7f 
%doc COPYING README
befec2e 
%{_bindir}/xencons
riel 1001d60 
%{python_sitearch}/%{name}
14244c1 
%{python_sitearch}/xen-*.egg-info
b93c39f
b93c39f 
# Guest autostart links
b93c39f 
%dir %attr(0700,root,root) %{_sysconfdir}/%{name}/auto
b93c39f 
# Autostart of guests
b93c39f 
%config(noreplace) %{_sysconfdir}/sysconfig/xendomains
b93c39f
05fd902 
%{_unitdir}/xendomains.service
b93c39f
b93c39f 
%files libs
b93c39f 
%defattr(-,root,root)
b93c39f 
%{_libdir}/*.so.*
cfdffb8 
%{_libdir}/fs
b93c39f
b93c39f 
# All runtime stuff except for XenD/xm python stuff
b93c39f 
%files runtime
b93c39f 
%defattr(-,root,root)
b93c39f 
# Hotplug rules
b93c39f
b93c39f 
%dir %attr(0700,root,root) %{_sysconfdir}/%{name}
b93c39f 
%dir %attr(0700,root,root) %{_sysconfdir}/%{name}/scripts/
b93c39f 
%config %attr(0700,root,root) %{_sysconfdir}/%{name}/scripts/*
b93c39f
34085e7 
%{_sysconfdir}/bash_completion.d/xl.sh
b93c39f
52354b5 
%{_unitdir}/proc-xen.mount
52354b5 
%{_unitdir}/var-lib-xenstored.mount
52354b5 
%{_unitdir}/xenstored.service
52354b5 
%{_unitdir}/xenconsoled.service
52354b5 
%{_unitdir}/xen-watchdog.service
a36066c 
%{_unitdir}/xen-qemu-dom0-disk-backend.service
a36066c 
%{_unitdir}/xenstored.socket
a36066c 
%{_unitdir}/xenstored_ro.socket
c3dd5cc 
%{_unitdir}/xendriverdomain.service
a36066c 
/usr/lib/modules-load.d/xen.conf
df2a330
d48d28a 
%config(noreplace) %{_sysconfdir}/sysconfig/xencommons
d48d28a 
%config(noreplace) %{_sysconfdir}/xen/xl.conf
d48d28a 
%config(noreplace) %{_sysconfdir}/xen/cpupool
c9994c1 
%config(noreplace) %{_sysconfdir}/xen/xlexample*
b93c39f
b93c39f 
# Rotate console log files
b93c39f 
%config(noreplace) %{_sysconfdir}/logrotate.d/xen
b93c39f
b93c39f 
# Programs run by other programs
a36066c 
%dir /usr/lib/%{name}
a36066c 
%dir /usr/lib/%{name}/bin
a36066c 
%attr(0700,root,root) /usr/lib/%{name}/bin/*
b93c39f 
# QEMU runtime files
riel 399577f 
%dir %{_datadir}/%{name}/qemu
096de1e 
%dir %{_datadir}/%{name}/qemu/keymaps
riel c78ce7f 
%{_datadir}/%{name}/qemu/keymaps/*
b93c39f
b93c39f 
# man pages
b93c39f 
%{_mandir}/man1/xentop.1*
b93c39f 
%{_mandir}/man1/xentrace_format.1*
b93c39f 
%{_mandir}/man8/xentrace.8*
c9994c1 
%{_mandir}/man1/xl.1*
c9994c1 
%{_mandir}/man5/xl.cfg.5*
c9994c1 
%{_mandir}/man5/xl.conf.5*
c9994c1 
%{_mandir}/man5/xlcpupool.cfg.5*
e1a5934 
%{_mandir}/man1/xenstore*
b93c39f
b93c39f 
%{python_sitearch}/fsimage.so
b93c39f 
%{python_sitearch}/grub
b93c39f 
%{python_sitearch}/pygrub-*.egg-info
b93c39f
b93c39f 
# The firmware
a252867 
%ifarch %{ix86} x86_64
b93c39f 
%dir /usr/lib/%{name}/boot
e0fffad 
%if "%{_libdir}" != "/usr/lib"
e0fffad 
%{_libdir}/%{name}
e0fffad 
%endif
b93c39f 
/usr/lib/xen/boot/hvmloader
befec2e 
/usr/lib/xen/boot/ioemu-stubdom.gz
c9994c1 
/usr/lib/xen/boot/xenstore-stubdom.gz
4fdf0a2 
/usr/lib/xen/boot/pv-grub*.gz
b93c39f 
%endif
b93c39f 
# General Xen state
riel 8cdabee 
%dir %{_localstatedir}/lib/%{name}
b93c39f 
%dir %{_localstatedir}/lib/%{name}/dump
b93c39f 
%dir %{_localstatedir}/lib/%{name}/images
b93c39f 
# Xenstore persistent state
riel 94694ff 
%dir %{_localstatedir}/lib/xenstored
b93c39f 
# Xenstore runtime state
10e062d 
%ghost %{_localstatedir}/run/xenstored
b93c39f
b93c39f 
# All xenstore CLI tools
befec2e 
%{_bindir}/qemu-*-xen
77513e5 
%{_bindir}/xenstore
b93c39f 
%{_bindir}/xenstore-*
b93c39f 
%{_bindir}/pygrub
b93c39f 
%{_bindir}/xentrace*
a7ec3f3 
#%#{_bindir}/remus
b93c39f 
# blktap daemon
940f206 
%{_sbindir}/tapdisk*
b93c39f 
# XSM
7ad40cf 
%if %build_xsm
940f206 
%{_sbindir}/flask-*
7ad40cf 
%endif
b93c39f 
# Disk utils
b93c39f 
%{_sbindir}/qcow-create
b93c39f 
%{_sbindir}/qcow2raw
b93c39f 
%{_sbindir}/img2qcow
b93c39f 
# Misc stuff
b93c39f 
%{_bindir}/xen-detect
a252867 
%{_bindir}/xencov_split
34085e7 
%{_sbindir}/gdbsx
940f206 
%{_sbindir}/gtrace*
d48d28a 
%{_sbindir}/kdd
940f206 
%{_sbindir}/lock-util
d48d28a 
%{_sbindir}/tap-ctl
940f206 
%{_sbindir}/td-util
940f206 
%{_sbindir}/vhd-*
b93c39f 
%{_sbindir}/xen-bugtool
d48d28a 
%{_sbindir}/xen-hptool
d48d28a 
%{_sbindir}/xen-hvmcrash
940f206 
%{_sbindir}/xen-hvmctx
940f206 
%{_sbindir}/xen-tmem-list-parse
b93c39f 
%{_sbindir}/xenconsoled
940f206 
%{_sbindir}/xenlockprof
b93c39f 
%{_sbindir}/xenmon.py*
b93c39f 
%{_sbindir}/xentop
b93c39f 
%{_sbindir}/xentrace_setmask
b93c39f 
%{_sbindir}/xenbaked
b93c39f 
%{_sbindir}/xenstored
fb24ce0 
%{_sbindir}/xenpm
befec2e 
%{_sbindir}/xenpmd
befec2e 
%{_sbindir}/xenperf
d48d28a 
%{_sbindir}/xenwatchdogd
940f206 
%{_sbindir}/xl
c9994c1 
%{_sbindir}/xen-lowmemd
c9994c1 
%{_sbindir}/xen-ringwatch
a252867 
%{_sbindir}/xencov
e1a5934 
%{_sbindir}/xen-mfndump
b665e43 
/usr/share/pkgconfig/*
b665e43 
%{_bindir}/xenalyze
b665e43 
%{_sbindir}/xentrace
b665e43 
%{_sbindir}/xentrace_setsize
e2943f8 
%{_bindir}/xen-cpuid
e2943f8 
%{_sbindir}/xen-livepatch
b93c39f
b93c39f 
# Xen logfiles
6645a82 
%dir %attr(0700,root,root) %{_localstatedir}/log/xen
b93c39f 
# Guest/HV console logs
6645a82 
%dir %attr(0700,root,root) %{_localstatedir}/log/xen/console
riel bf95569
e843eee 
%files hypervisor
c67a8f8 
%if %build_hyp
e843eee 
%defattr(-,root,root)
e843eee 
/boot/xen-*.gz
befec2e 
/boot/xen.gz
e2943f8 
/boot/xen*.config
d30d767 
%if %build_xsm
a252867 
%dir %attr(0755,root,root) /boot/flask
a36066c 
/boot/flask/xenpolicy*
a252867 
%endif
c9994c1 
%if %build_efi
c9994c1 
/boot/efi/EFI/fedora/*.efi
c9994c1 
%endif
a252867 
%endif
befec2e
befec2e 
%files doc
befec2e 
%defattr(-,root,root)
befec2e 
%doc docs/misc/
befec2e 
%doc dist/install/usr/share/doc/xen/html
e843eee
6329324 
%files devel
6329324 
%defattr(-,root,root)
6329324 
%{_includedir}/*.h
d36143f 
%dir %{_includedir}/xen
d36143f 
%{_includedir}/xen/*
c9994c1 
%dir %{_includedir}/xenstore-compat
c9994c1 
%{_includedir}/xenstore-compat/*
061e3ec 
%{_libdir}/*.so
6329324
c6a6ecc 
%files licenses
c6a6ecc 
%defattr(-,root,root)
c6a6ecc 
%doc licensedir/*
c6a6ecc
d486191 
%if %build_ocaml
d486191 
%files ocaml
d486191 
%defattr(-,root,root)
d486191 
%{_libdir}/ocaml/xen*
d486191 
%exclude %{_libdir}/ocaml/xen*/*.a
d486191 
%exclude %{_libdir}/ocaml/xen*/*.cmxa
d486191 
%exclude %{_libdir}/ocaml/xen*/*.cmx
d486191 
%{_libdir}/ocaml/stublibs/*.so
d486191 
%{_libdir}/ocaml/stublibs/*.so.owner
d486191 
%{_sbindir}/oxenstored
c9994c1 
%config(noreplace) %{_sysconfdir}/xen/oxenstored.conf
9cd22a4 
%{_unitdir}/oxenstored.service
d486191
d486191 
%files ocaml-devel
d486191 
%defattr(-,root,root)
d486191 
%{_libdir}/ocaml/xen*/*.a
d486191 
%{_libdir}/ocaml/xen*/*.cmxa
d486191 
%{_libdir}/ocaml/xen*/*.cmx
d486191 
%endif
d486191
riel bf95569 
%changelog
39e2564 
* Tue Oct 04 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-6
39e2564 
- enable xen livepatch in hypervisor via .config file
39e2564 
- qemu-kvm: Directory traversal flaw in 9p virtio backend [CVE-2016-7116]
39e2564 
	(#1371400)
39e2564 
- qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [CVE-2016-7161]
39e2564 
	(#1379299)
39e2564 
- CR0.TS and CR0.EM not always honored for x86 HVM guest [XSA-190,
39e2564 
	CVE-2016-7777] (#1381576)
39e2564
cb88c6d 
* Thu Sep 08 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-5
cb88c6d 
- pandoc (documentation) has dependency issues again on F25
cb88c6d
eb91793 
* Thu Sep 08 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-4
eb91793 
- fix build problem with glibc 2.24
eb91793 
- x86: Disallow L3 recursive pagetable for 32-bit PV guests [XSA-185,
c2d0402 
	CVE-2016-7092] (#1374470)
eb91793 
- x86: Mishandling of instruction pointer truncation during emulation
c2d0402 
	[XSA-186, CVE-2016-7093] (#1374471)
c2d0402 
- x86 HVM: Overflow of sh_ctxt->seg_reg[] [XSA-187, CVE-2016-7094] (#1374473)
eb91793
c3dd5cc 
* Wed Aug 10 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-3
c3dd5cc 
- replace xendriverdomain sysvinit script with a systemd file (#1361324)
c3dd5cc
c3dd5cc 
* Wed Jul 27 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-2
0e29250 
- x86: Privilege escalation in PV guests [XSA-182, CVE-2016-6258] (#1360358)
0e29250 
- x86: Missing SMAP whitelisting in 32-bit exception / event delivery
0e29250 
	[XSA-183, CVE-2016-6259] (#1360359)
57359f7 
- virtio: unbounded memory allocation issue [XSA-184, CVE-2016-5403] (#1360831)
57359f7 
- Qemu: scsi: esp: OOB write access in esp_do_dma [CVE-2016-6351] (#1360599)
57359f7
0e29250
e2943f8 
* Fri Jul 22 2016 Michael Young <m.a.young@durham.ac.uk> - 4.7.0-1
e2943f8 
- update to xen-4.7.0
e2943f8 
  adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch,
e2943f8 
    qemu.CVE-2016-2391.patch, qemu.CVE-2016-4002.patch
e2943f8 
    and qemu.bug1330513.patch
e2943f8 
  package extra files
e2943f8 
    /usr/bin/xen-cpuid
e2943f8 
    /usr/sbin/xen-livepatch
e2943f8 
    /boot/xen*.config
e2943f8 
  remove upstream patches
e2943f8 
- set RPM_OPT_FLAGS options in command line rather than patches, similarly
e2943f8 
    remove xen.64.bit.hyp.on.ix86.patch, also xen.gcc5.fix.patch and
e2943f8 
    xen.gcc6.fix.patch are no longer needed
e2943f8 
- drop optional sysv support, make systemd unconditional
e2943f8 
- renumber patches
e2943f8
d478575 
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.6.3-3
d478575 
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
d478575
501230b 
* Sun Jul 10 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.3-2
501230b 
- perl build requires change for F25
501230b 
- allow bigger xs_watch pthread stacksize for Fedora qemu
501230b
1f3f6d6 
* Thu Jun 23 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.3-1
1f3f6d6 
- update to xen-4.6.3
1f3f6d6 
  adjust xen.use.fedora.ipxe.patch, xen.fedora.crypt.patch
1f3f6d6 
    and xen.gcc6.fix.patch
1f3f6d6 
  remove upstream patches
1f3f6d6
264ecb5 
* Mon Jun 13 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-12
264ecb5 
- fix systemd build issue on F25
264ecb5 
- Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO
264ecb5 
	[CVE-2016-5338] (#1343323)
264ecb5 
- Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info
264ecb5 
	[CVE-2016-5337] (#1343909)
264ecb5
fadd50c 
* Fri Jun 03 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-11
fadd50c 
- fix for CVE-2016-2858 doesn't build with qemu-xen enabled
fadd50c 
- Unsanitised guest input in libxl device handling code
fadd50c 
	[XSA-175, CVE-2016-4962] (#1342132)
fadd50c 
- Unsanitised driver domain input in libxl device handling
fadd50c 
	[XSA-178, CVE-2016-4963] (#1342131)
fadd50c 
- arm: Host crash caused by VMID exhaust [XSA-181] (#1342530)
fadd50c 
- Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine
fadd50c 
	[CVE-2016-4454] (#1340741)
fadd50c 
- Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine
fadd50c 
	[CVE-2016-4453] (#1340746)
fadd50c 
- Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd
fadd50c 
	[CVE-2016-5238] (#1341931)
fadd50c
f37f50b 
* Sat May 28 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-10
f37f50b 
- cleaner way to set kernel module load list
f37f50b 
- Unrestricted qemu logging [XSA-180, CVE-2014-3672] (#1339125)
f37f50b 
- Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write
f37f50b 
	[CVE-2016-4439] (#1337502)
f37f50b 
- Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd
f37f50b 
	[CVE-2016-4441] (#1337505)
f37f50b 
- Qemu: scsi: megasas: out-of-bounds write while setting controller properties
f37f50b 
	[CVE-2016-5106] (#1339578)
f37f50b 
- Qemu: scsi: megasas: stack information leakage while reading configuration
f37f50b 
	[CVE-2016-5105] (#1339583)
f37f50b
aac5c16 
* Tue May 17 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-9
98213de 
- xen no longer crashes when built without -fno-tree-coalesce-vars
98213de 
- in systemd only try to load kernel modules that are in Fedora (#1291089)
aac5c16 
- x86 software guest page walk PS bit handling flaw
aac5c16 
	[XSA-176, CVE-2016-4480] (#1332657)
98213de
0d68c8d 
* Tue May 10 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-8
0d68c8d 
- create link to /usr/bin/qemu-system-i386 from /usr/lib/xen/bin
0d68c8d 
	for back compatibility and for virt-manager (#1334554) (#1299745)
0d68c8d
695a56c 
* Mon May 09 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-7
695a56c 
- qemu-kvm: Integer overflow in SDL when creating too wide screen (#1330513)
695a56c 
- QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
695a56c 
	[XSA-179, CVE-2016-3710, CVE-2016-3712] (#1334346) (#1334343)
695a56c
f3149d8 
* Mon Apr 18 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-6
f3149d8 
- x86 shadow pagetables: address width overflow [XSA-173, CVE-2016-3960]
f3149d8 
	(#1328118)
f3149d8 
- Qemu: net: buffer overflow in stellaris_enet emulator [CVE-2016-4001]
f3149d8 
	(#1325886)
f3149d8 
- Qemu: net: buffer overflow in MIPSnet emulator [CVE-2016-4002] (#1326084)
f3149d8 
- qemu: Infinite loop vulnerability in usb_ehci using siTD process
f3149d8 
	[CVE-2016-4037] (#1328081) (supercedes CVE-2015-8558 patch)
f3149d8
1ecae28 
* Sun Apr 03 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-5
1ecae28 
- build with -fno-tree-coalesce-vars to avoid a crash on boot
1ecae28
2dc5020 
* Tue Mar 29 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-4
2dc5020 
- fix for build problems on F25
2dc5020 
- broken AMD FPU FIP/FDP/FOP leak workaround [XSA-172, CVE-2016-3158,
2dc5020 
	CVE-2016-3159] (#1321944)
2dc5020
f7153f0 
* Mon Mar 07 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-3
f7153f0 
- pandoc should work again
f7153f0 
- Qemu: nvram: OOB r/w access in processing firmware configurations
f7153f0 
	CVE-2016-1714 (#1296080)
f7153f0 
- Qemu: i386: null pointer dereference in vapic_write() CVE-2016-1922
f7153f0 
	(#1292767)
f7153f0 
- qemu: Stack-based buffer overflow in megasas_ctrl_get_info CVE-2015-8613
f7153f0 
	(#1293305)
f7153f0 
- qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit()
f7153f0 
	and e1000_receive_iov() CVE-2016-1981 (#1299996)
f7153f0 
- Qemu: usb ehci out-of-bounds read in ehci_process_itd (#1300235)
f7153f0 
- Qemu: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198
f7153f0 
	(#1303135)
f7153f0 
- Qemu: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841 (#1304048)
f7153f0 
- Qemu: usb: integer overflow in remote NDIS control message handling
f7153f0 
	CVE-2016-2538 (#1305816)
f7153f0 
- Qemu: usb: null pointer dereference in remote NDIS control message handling
f7153f0 
	CVE-2016-2392 (#1307116)
f7153f0 
- Qemu: usb: multiple eof_timers in ohci module leads to null pointer
f7153f0 
	dereference CVE-2016-2391 (#1308882)
f7153f0 
- Qemu: net: out of bounds read in net_checksum_calculate() CVE-2016-2857
f7153f0 
	(#1309565)
f7153f0 
- Qemu: OOB access in address_space_rw leads to segmentation fault
f7153f0 
	CVE-2015-8817 CVE-2015-8818 (#1313273)
f7153f0 
- Qemu: rng-random: arbitrary stack based allocation leading to corruption
f7153f0 
	CVE-2016-2858 (#1314678)
f7153f0
4c89705 
* Wed Feb 17 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-2
4c89705 
- x86: inconsistent cachability flags on guest mappings [XSA-154,
4c89705 
	CVE-2016-2270] (#1309324)
4c89705 
- VMX: guest user mode may crash guest with non-canonical RIP [XSA-170,
4c89705 
	CVE-2016-2271] (#1309323)
4c89705
5a28d9a 
* Fri Feb 12 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.1-1
2fac917 
- update to xen-4.6.1
2fac917 
  adjust xen.use.fedora.ipxe.patch
2fac917 
  remove upstream patches
2fac917 
- don't build with pandoc (documentation) due to dependency issues
2fac917
a2598ad 
* Mon Feb 08 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-12
a2598ad 
- revise patch to build with gcc6
a2598ad
80113f3 
* Sun Feb 07 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-11
80113f3 
- patch to build with gcc6
80113f3
976a178 
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.6.0-10
976a178 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
976a178
76d3df6 
* Wed Jan 20 2016 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-9
76d3df6 
- PV superpage functionality missing sanity checks [XSA-167, CVE-2016-1570]
76d3df6 
	(#1300345)
76d3df6 
- VMX: intercept issue with INVLPG on non-canonical address [XSA-168,
76d3df6 
	 CVE-2016-1571] (#1300342)
76d3df6 
- Qemu: pci: null pointer dereference issue CVE-2015-7549 (#1291139)
76d3df6 
- qemu: DoS by infinite loop in ehci_advance_state CVE-2015-8558 (#1291310)
76d3df6 
- qemu: Heap-based buffer overrun during VM migration CVE-2015-8666 (#1294028)
76d3df6 
- Qemu: net: vmxnet3: incorrect l2 header validation leads to a crash
6bd66d4 
	via assert(2) call CVE-2015-8744 (#1295441)
76d3df6 
- qemu: Support reading IMR registers on bar0 CVE-2015-8745 (#1295443)
76d3df6 
- Qemu: net: vmxnet3: host memory leakage  CVE-2015-8567 CVE-2015-8568
76d3df6 
	(#1289817)
76d3df6 
- Qemu: net: ne2000: OOB memory access in ioport r/w functions
76d3df6 
	CVE-2015-8743 (#1294788)
76d3df6
8316de0 
* Mon Dec 21 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-8
ecb1864 
- x86: unintentional logging upon guest changing callback method
ecb1864 
	[XSA-169, CVE-2015-8615] (#1293675)
8316de0
64fe61f 
* Thu Dec 17 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-7
64fe61f 
- four security updates (#1292439)
64fe61f 
  paravirtualized drivers incautious about shared memory contents
64fe61f 
	[XSA-155, CVE-2015-8550]
64fe61f 
  qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554]
64fe61f 
  information leak in legacy x86 FPU/XMM initialization [XSA-165,
64fe61f 
	CVE-2015-8555]
64fe61f 
  ioreq handling possibly susceptible to multiple read issue [XSA-166]
64fe61f
aedb207 
* Thu Dec 10 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-6
34cdd53 
- eepro100: Prevent two endless loops [CVE-2015-8345] (#1285215)
34cdd53 
- pcnet: fix rx buffer overflow [CVE-2015-7512] (#1286563)
34cdd53 
- ui: vnc: avoid floating point exception [CVE-2015-8504] (#1289544)
aedb207 
- additional patch for [XSA-158, CVE-2015-8338]
34cdd53
9e8180b 
* Tue Dec 08 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-5
9e8180b 
- three security updates (#1289568)
9e8180b 
  long running memory operations on ARM [XSA-158, CVE-2015-8338]
9e8180b 
  XENMEM_exchange error handling issues [XSA-159, CVE-2015-8339, CVE-2015-8340]
9e8180b 
  libxl leak of pv kernel and initrd on error [XSA-160, CVE-2015-8341]
9e8180b
5a90f6e 
* Sun Dec 06 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-4
5a90f6e 
- heap buffer overflow vulnerability in pcnet emulator [XSA-162,
5a90f6e 
	CVE-2015-7504] (#1286544)
5a90f6e 
- virtual PMU is unsupported [XSA-163] (#1285351)
5a90f6e
a7ec3f3 
* Tue Nov 10 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-3
a7ec3f3 
- x86: CPU lockup during exception delivery [XSA-156, CVE-2015-5307,
a7ec3f3 
	CVE-2015-8104] (#1279689, #1279690)
a7ec3f3 
- silence 2 macro in comment warnings
a7ec3f3
bbb3b5e 
* Thu Oct 29 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-2
bbb3b5e 
- nine security updates (#1276344)
bbb3b5e 
  arm: Host crash when preempting a multicall [XSA-145, CVE-2015-7812]
bbb3b5e 
  arm: various unimplemented hypercalls log without rate limiting
bbb3b5e 
	[XSA-146, CVE-2015-7813]
bbb3b5e 
  arm: Race between domain destruction and memory allocation decrease
bbb3b5e 
	[XSA-147, CVE-2015-7814]
bbb3b5e 
  x86: Uncontrolled creation of large page mappings by PV guests
bbb3b5e 
	[XSA-148, CVE-2015-7835]
bbb3b5e 
  leak of main per-domain vcpu pointer array [XSA-149, CVE-2015-7969]
bbb3b5e 
  x86: Long latency populate-on-demand operation is not preemptible
bbb3b5e 
	[XSA-150, CVE-2015-7970]
bbb3b5e 
  x86: leak of per-domain profiling-related vcpu pointer array
bbb3b5e 
	[XSA-151, CVE-2015-7969]
bbb3b5e 
  x86: some pmu and profiling hypercalls log without rate limiting
bbb3b5e 
	[XSA-152, CVE-2015-7971]
bbb3b5e 
  x86: populate-on-demand balloon size inaccuracy can crash guests
bbb3b5e 
	[XSA-153, CVE-2015-7972]
bbb3b5e
b665e43 
* Sun Oct 11 2015 Michael Young <m.a.young@durham.ac.uk> - 4.6.0-1
b665e43 
- update to xen-4.6.0
b665e43 
  xen-dumpdir.patch no longer needed
b665e43 
  adjust xen.use.fedora.ipxe.patch and xen.fedora.systemd.patch
b665e43 
  remove upstream patches
b665e43 
  add build fix for blktap2 to gcc5 fixes
b665e43 
  udev rules have now gone as have xen-syms in /boot
b665e43 
  package extra files
b665e43 
    /etc/rc.d/init.d/xendriverdomain
b665e43 
    /usr/bin/xenalyze
b665e43 
    /usr/sbin/xentrace
b665e43 
    /usr/sbin/xentrace_setsize
b665e43 
    /usr/share/pkgconfig/*.pc
b665e43 
- renumber patches
b665e43 
- add build-requires for pandoc and discount to improve docs
b665e43
4623a49 
* Sat Oct 10 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-13
4623a49 
- patch CVE-2015-7295 for qemu-xen-traditional as well
4623a49
2e18a07 
* Thu Oct 08 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-12
2e18a07 
- Qemu: net: virtio-net possible remote DoS [CVE-2015-7295] (#1264392)
2e18a07
e0fffad 
* Tue Oct 06 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-11
e0fffad 
- create a symbolic link so libvirt VMs from xen 4.0 to 4.4 can still
e0fffad 
	find qemu-dm (#1268176), (#1248843)
e0fffad
1e3166c 
* Sun Sep 27 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-10
1e3166c 
- ide: fix ATAPI command permissions [CVE-2015-6855] (#1261792)
1e3166c
1ae438b 
* Sat Sep 26 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-9
1ae438b 
- ui/vnc: limit client_cut_text msg payload size [CVE-2015-5239] (#1259504)
1ae438b 
- e1000: Avoid infinite loop in processing transmit descriptor
1ae438b 
	[CVE-2015-6815] (#1260224)
1ae438b 
- net: add checks to validate ring buffer pointers [CVE-2015-5279] (#1263278)
1ae438b 
- net: avoid infinite loop when receiving packets [CVE-2015-5278] (#1263281)
1ae438b 
- qemu buffer overflow in virtio-serial [CVE-2015-5745] (#1251354)
1ae438b
ec7a2ea 
* Tue Sep 15 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-8
ec7a2ea 
- libxl fails to honour readonly flag on disks with qemu-xen
1ae438b 
	[XSA-142, CVE-2015-7311] (#1257893) (final patch version)
ec7a2ea
2c2f917 
* Tue Sep 01 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-7
2c2f917 
- printk is not rate-limited in xenmem_add_to_physmap_one (ARM)
2c2f917 
	[XSA-141, CVE-2015-6654]
2c2f917
57e1455 
* Mon Aug 03 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-6
57e1455 
- Use after free in QEMU/Xen block unplug protocol [XSA-139, CVE-2015-5166]
57e1455 
	(#1249757)
57e1455 
- QEMU leak of uninitialized heap memory in rtl8139 device model
57e1455 
	[XSA-140, CVE-2015-5165] (#1249756)
57e1455
7f80525 
* Sun Aug 02 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-5
7f80525 
- QEMU heap overflow flaw while processing certain ATAPI commands.
7f80525 
	[XSA-138, CVE-2015-5154] (#1247142)
7f80525 
- try again to fix xen-qemu-dom0-disk-backend.service (#1242246)
7f80525
f22a847 
* Thu Jul 30 2015 Richard W.M. Jones <rjones@redhat.com> - 4.5.1-4
f22a847 
- OCaml 4.02.3 rebuild.
f22a847
f0ae6d6 
* Thu Jul 23 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-3
f0ae6d6 
- correct qemu location in xen-qemu-dom0-disk-backend.service (#1242246)
f0ae6d6 
- rebuild efi grub.cfg if it is present (#1239309)
f0ae6d6 
- re-enable remus by building with libnl3
f0ae6d6 
- modify gnutls use in line with Fedora's crypto policies (#1179352)
f0ae6d6
f0ae6d6 
* Tue Jul 07 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-2
c3d931e 
- xl command line config handling stack overflow [XSA-137, CVE-2015-3259]
c3d931e
185876b 
* Mon Jun 22 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.1-1
185876b 
- update to 4.5.1
185876b 
  adjust xen.use.fedora.ipxe.patch and xen.fedora.systemd.patch
185876b 
  remove patches for issues now fixed upstream
185876b 
  renumber patches
185876b
b60332d 
* Fri Jun 19 2015 Richard W.M. Jones <rjones@redhat.com> - 4.5.0-13
b60332d 
- Rebuild for ocaml-4.02.2.
b60332d
e5e2859 
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.5.0-12
e5e2859 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
e5e2859
597f9a6 
* Tue Jun 16 2015 Michael Young <m.a.young@durham.ac.uk>
597f9a6 
- gcc 5 bug is fixed so remove workaround
597f9a6
54dc575 
* Wed Jun 10 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-11
54dc575 
- stubs-32.h is back, so revert to previous behaviour
54dc575 
- Heap overflow in QEMU PCNET controller, allowing guest->host escape
54dc575 
	[XSA-135, CVE-2015-3209] (#1230537)
54dc575 
- GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163]
54dc575 
- vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164]
54dc575
533d532 
* Wed Jun 03 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-10.1
533d532 
- stubs-32.h has gone from rawhide, put it back manually
533d532
2630541 
* Tue Jun 02 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-10
33713a4 
- replace deprecated gnutls use in qemu-xen-traditional based on
33713a4 
	qemu-xen patches
2630541 
- work around a gcc 5 bug
2630541 
- Potential unintended writes to host MSI message data field via qemu
89b8a7e 
	[XSA-128, CVE-2015-4103] (#1227627)
2630541 
- PCI MSI mask bits inadvertently exposed to guests [XSA-129, CVE-2015-4104]
89b8a7e 
	(#1227628)
2630541 
- Guest triggerable qemu MSI-X pass-through error messages [XSA-130,
89b8a7e 
	CVE-2015-4105] (#1227629)
89b8a7e 
- Unmediated PCI register access in qemu [XSA-131, CVE-2015-4106] (#1227631)
33713a4
8f32fda 
* Wed May 13 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-9
8f32fda 
- Privilege escalation via emulated floppy disk drive [XSA-133,
8f32fda 
	CVE-2015-3456] (#1221153)
8f32fda
29e3377 
* Mon Apr 20 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-8
384a01a 
- Information leak through XEN_DOMCTL_gettscinfo [XSA-132,
384a01a 
	CVE-2015-3340] (#1214037)
29e3377
df7d53d 
* Tue Mar 31 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-7
df7d53d 
- Long latency MMIO mapping operations are not preemptible [XSA-125,
df7d53d 
	CVE-2015-2752] (#1207741)
df7d53d 
- Unmediated PCI command register access in qemu [XSA-126,
df7d53d 
	CVE-2015-2756] (#1307738)
df7d53d 
- Certain domctl operations may be abused to lock up the host [XSA-127,
df7d53d 
	CVE-2015-2751] (#1207739)
df7d53d
3019908 
* Fri Mar 13 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-6
3019908 
- Additional patch for XSA-98 on arm64
3019908
95cad4e 
* Thu Mar 12 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-5
95cad4e 
- HVM qemu unexpectedly enabling emulated VGA graphics backends [XSA-119,
95cad4e 
	CVE-2015-2152] (#1201365)
95cad4e
a2775c6 
* Tue Mar 10 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-4
a2775c6 
- Hypervisor memory corruption due to x86 emulator flaw [XSA-123,
a2775c6 
	CVE-2015-2151] (#1200398)
a2775c6
7901978 
* Thu Mar 05 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-3
7901978 
- Information leak via internal x86 system device emulation [XSA-121,
7901978 
	CVE-2015-2044]
7901978 
- Information leak through version information hypercall [XSA-122,
7901978 
	CVE-2015-2045]
7901978 
- fix a typo in xen.fedora.systemd.patch
7901978
3913e55 
* Sat Feb 14 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-2
3913e55 
- arm: vgic-v2: GICD_SGIR is not properly emulated [XSA-117, CVE-2015-0268]
3913e55 
- allow certain warnings with gcc5 that would otherwise be treated as errors
3913e55
a36066c 
* Thu Jan 29 2015 Michael Young <m.a.young@durham.ac.uk> - 4.5.0-1
a36066c 
- update to 4.5.0
a36066c 
  xend has gone, so remove references to xend in spec file, sources and patches
a36066c 
  remove patches for issues now fixed upstream
a36066c 
  adjust some patches due to other code changes
a36066c 
  adjust spec file for renamed xenpolicy files
a36066c 
  set prefix back to /usr (default is now /usr/local)
a36066c 
  use upstream systemd files with patches for Fedora and selinux
a36066c 
	sysconfig for systemd is now in xencommons file
a36066c 
  for x86_64, files in /usr/lib64/xen/bin have moved to /usr/lib/xen/bin
a36066c 
  remus isn't built
a36066c 
  upstream systemd support needs systemd-devel to build
a36066c 
  replace new uint32 with uint32_t in ocaml file for ocaml-4.02.0
a36066c 
  stop oxenstored failing when selinux is enforcing
a36066c 
  re-number patches
a36066c 
- enable building pngs from fig files which is working again
a36066c 
- fix oxenstored.service preset preuninstall script
3913e55 
- arm: vgic: incorrect rate limiting of guest triggered logging [XSA-118,
3913e55 
	CVE-2015-1563] (#1187153)
a36066c
ba799f1 
* Tue Jan 06 2015 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-12
ba799f1 
- xen crash due to use after free on hvm guest teardown [XSA-116,
ba799f1 
	 CVE-2015-0361] (#1179221)
ba799f1
436d0fe 
* Tue Dec 16 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-11
436d0fe 
- fix xendomains issue introduced by xl migrate --debug patch
436d0fe
7ad40cf 
* Mon Dec 08 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-10
7ad40cf 
- p2m lock starvation [XSA-114, CVE-2014-9065]
7ad40cf 
- fix build with --without xsm
7ad40cf
1a774a7 
* Thu Nov 27 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-9
1a774a7 
- Excessive checking in compatibility mode hypercall argument translation
1a774a7 
	[XSA-111, CVE-2014-8866]
1a774a7 
- Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
1a774a7 
	[XSA-112, CVE-2014-8867]
1a774a7 
- fix segfaults and failures in xl migrate --debug (#1166461)
1a774a7
a59f799 
* Thu Nov 20 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-8
a59f799 
- Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
6b83572 
	[XSA-113, CVE-2014-9030] (#1166914)
a59f799
18c0da6 
* Tue Nov 18 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-7
18c0da6 
- Insufficient restrictions on certain MMU update hypercalls [XSA-109,
18c0da6 
	CVE-2014-8594] (#1165205)
18c0da6 
- Missing privilege level checks in x86 emulation of far branches [XSA-110,
18c0da6 
	CVE-2014-8595] (#1165204)
18c0da6 
- Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't
18c0da6 
	exploitable from xen (#1086776)
18c0da6
808b049 
* Wed Oct 01 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-6
808b049 
- Improper MSR range used for x2APIC emulation [XSA-108, CVE-2014-7188]
808b049 
	(#1148465)
808b049
0645ea4 
* Tue Sep 30 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-5
0645ea4 
- xen support is in 256k seabios binary when it exists (#1146260)
0645ea4
34a955b 
* Tue Sep 23 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-4
fc5d65d 
- Race condition in HVMOP_track_dirty_vram [XSA-104, CVE-2014-7154] (#1145736)
34a955b 
- Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
fc5d65d 
	[XSA-105, CVE-2014-7155] (#1145737)
34a955b 
- Missing privilege level checks in x86 emulation of software interrupts
fc5d65d 
	[XSA-106, CVE-2014-7156] (#1145738)
34a955b
4151a25 
* Sun Sep 14 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-3
4151a25 
- disable building pngs from fig files which is currently broken in rawhide
4151a25
eb54fe2 
* Tue Sep 09 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-2
eb54fe2 
- Mishandling of uninitialised FIFO-based event channel control blocks
4a5096c 
	[XSA-107, CVE-2014-6268] (#1140287)
eb54fe2 
- delete a patch file that was dropped in the last update
eb54fe2
2c5fb56 
* Tue Sep 02 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.1-1
2c5fb56 
- update to xen-4.4.1
2c5fb56 
  remove patches for fixes that are now included
2c5fb56 
- replace uint32 with uint32_t in ocaml file for ocaml-4.02.0
2c5fb56
4b81d6f 
* Sun Aug 31 2014 Richard W.M. Jones <rjones@redhat.com> - 4.4.0-14
4b81d6f 
- Bump release and rebuild.
4b81d6f
c8e5f9b 
* Sun Aug 31 2014 Richard W.M. Jones <rjones@redhat.com> - 4.4.0-13
c8e5f9b 
- ocaml-4.02.0 final rebuild.
c8e5f9b
3ada287 
* Sun Aug 24 2014 Richard W.M. Jones <rjones@redhat.com> - 4.4.0-12
3ada287 
- ocaml-4.02.0+rc1 rebuild.
3ada287
a7c6141 
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.4.0-11
a7c6141 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
a7c6141
5d36bf8 
* Tue Aug 12 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-10
5d36bf8 
- Long latency virtual-mmu operations are not preemptible
5d36bf8 
	[XSA-97, CVE-2014-5146]
5d36bf8
63343b1 
* Thu Aug 07 2014 Richard W.M. Jones <rjones@redhat.com> - 4.4.0-9
63343b1 
- ocaml-4.02.0-0.8.git10e45753.fc22 rebuild.
63343b1
4ac419d 
* Mon Jul 14 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-8
4ac419d 
- rebuild for ocaml update
4ac419d
1f27ee9 
* Tue Jun 17 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-7
1f27ee9 
- Hypervisor heap contents leaked to guest [XSA-100, CVE-2014-4021]
1f27ee9 
	(#1110316) with extra patch to avoid regression
1f27ee9
d30d767 
* Sun Jun 15 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-6
d30d767 
- Fix two %if line typos in the spec file
d30d767 
- Vulnerabilities in HVM MSI injection [XSA-96, CVE-2014-3967,CVE-2014-3968]
d30d767 
	(#1104583)
d30d767
b87cd1d 
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.4.0-5
b87cd1d 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
b87cd1d
e933726 
* Mon May 12 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-4
e933726 
- add systemd preset support (#1094938)
e933726
b3648a5 
* Wed Apr 30 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-3
d350385 
- HVMOP_set_mem_type allows invalid P2M entries to be created
d350385 
	[XSA-92, CVE-2014-3124] (#1093315)
b3648a5 
- change -Wmaybe-uninitialized errors into warnings for gcc 4.9.0
b3648a5 
- fix a couple of -Wmaybe-uninitialized cases
b3648a5
e836ce6 
* Wed Mar 26 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-2
e836ce6 
- HVMOP_set_mem_access is not preemptible [XSA-89, CVE-2014-2599] (#1080425)
e836ce6
e1a5934 
* Sun Mar 23 2014 Michael Young <m.a.young@durham.ac.uk> - 4.4.0-1
e1a5934 
- update to xen-4.4.0
e1a5934 
- adjust xend.selinux.fixes.patch and xen-initscript.patch as xend has moved
e1a5934 
- don't build xend unless --with xend is specified
e1a5934 
- use --with-system-seabios option instead of xen.use.fedora.seabios.patch
e1a5934 
- update xen.use.fedora.ipxe.patch patch
e1a5934 
- replace qemu-xen.tradonly.patch with --with-system-qemu= option pointing
e1a5934 
  to Fedora's qemu-system-i386
e1a5934 
- adjust xen.xsm.enable.patch and remove bits that are are no longer needed
e1a5934 
- blktapctrl is no longer built, remove related files
e1a5934 
- adjust files to be packaged; xsview has gone, add xen-mfndump and
e1a5934 
  xenstore man pages
e1a5934 
- add another xenstore-write to xenstored.service and oxenstored.service
e1a5934 
- Add xen.console.fix.patch to fix issues running pygrub
e1a5934
23c8900 
* Tue Feb 18 2014 Michael Young <m.a.young@durham.ac.uk> - 4.3.2-1
23c8900 
- update to xen-4.3.2
85310dd 
  includes fix for "Excessive time to disable caching with HVM guests with
9c9740e 
    PCI passthrough" [XSA-60, CVE-2013-2212] (#987914)
23c8900 
- remove patches that are now included
23c8900
cf73ea5 
* Wed Feb 12 2014 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-10
cf73ea5 
- use-after-free in xc_cpupool_getinfo() under memory pressure [XSA-88,
cf73ea5 
    CVE-2014-1950] (#1064491)
cf73ea5
b11a974 
* Thu Feb 06 2014 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-9
eafedbe 
- integer overflow in several XSM/Flask hypercalls [XSA-84, CVE-2014-1891,
eafedbe 
    CVE-2014-1892, CVE-2014-1893, CVE-2014-1894]
eafedbe 
  Off-by-one error in FLASK_AVC_CACHESTAT hypercall [XSA-85, CVE-2014-1895]
eafedbe 
  libvchan failure handling malicious ring indexes [XSA-86, CVE-2014-1896]
eafedbe 
    (#1062335)
b11a974
0633152 
* Fri Jan 24 2014 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-8
0633152 
- PHYSDEVOP_{prepare,release}_msix exposed to unprivileged pv guests
a820ee9 
    [XSA-87, CVE-2014-1666] (#1058398)
0633152
904f9bc 
* Thu Jan 23 2014 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-7
904f9bc 
- Out-of-memory condition yielding memory corruption during IRQ setup
904f9bc 
    [XSA-83, CVE-2014-1642] (#1057142)
904f9bc
62dd1f8 
* Wed Dec 11 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-6
62dd1f8 
- Disaggregated domain management security status update [XSA-77]
62dd1f8 
- IOMMU TLB flushing may be inadvertently suppressed [XSA-80, CVE-2013-6400]
62dd1f8 
    (#1040024)
62dd1f8
a62e994 
* Mon Dec 02 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-5
a62e994 
- HVM guest triggerable AMD CPU erratum may cause host hang
a62e994 
    [XSA-82, CVE-2013-6885]
a62e994
14cd6e1 
* Tue Nov 26 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-4
14cd6e1 
- Lock order reversal between page_alloc_lock and mm_rwlock
14cd6e1 
    [XSA-74, CVE-2013-4553] (#1034925)
14cd6e1 
- Hypercalls exposed to privilege rings 1 and 2 of HVM guests
14cd6e1 
    [XSA-76, CVE-2013-4554] (#1034923)
14cd6e1
abfe976 
* Thu Nov 21 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-3
abfe976 
- Insufficient TLB flushing in VT-d (iommu) code
abfe976 
    [XSA-78, CVE-2013-6375] (#1033149)
abfe976
07aa346 
* Sat Nov 09 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-2
07aa346 
- Host crash due to HVM guest VMX instruction execution
557a334 
    [XSA-75, CVE-2013-4551] (#1029055)
07aa346
f785ac0 
* Fri Nov 01 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.1-1
f785ac0 
- update to xen-4.3.1
f785ac0 
- Lock order reversal between page allocation and grant table locks
07aa346 
    [XSA-73, CVE-2013-4494] (#1026248)
f785ac0
511cc6f 
* Tue Oct 29 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-10
511cc6f 
- ocaml xenstored mishandles oversized message replies
511cc6f 
    [XSA-72, CVE-2013-4416] (#1024450)
511cc6f
9cd22a4 
* Thu Oct 24 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-9
bac04f8 
- systemd changes to allow oxenstored to be used instead of xenstored (#1022640)
9cd22a4
0075956 
* Thu Oct 10 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-8
0075956 
- security fixes (#1017843)
0075956 
  Information leak through outs instruction emulation in 64-bit PV guests
0075956 
    [XSA-67, CVE-2013-4368]
0075956 
  possible null dereference when parsing vif ratelimiting info
0075956 
    [XSA-68, CVE-2013-4369]
0075956 
  misplaced free in ocaml xc_vcpu_getaffinity stub
0075956 
    [XSA-69, CVE-2013-4370]
0075956 
  use-after-free in libxl_list_cpupool under memory pressure
0075956 
    [XSA-70, CVE-2013-4371]
0075956 
  qemu disk backend (qdisk) resource leak (Fedora doesn't build this qemu)
0075956 
    [XSA-71, CVE-2013-4375]
0075956
54fc4ba 
* Wed Oct 02 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-7
54fc4ba 
- Set "Domain-0" label in xenstored.service systemd file to match
54fc4ba 
  xencommons init.d script.
54fc4ba 
- security fixes (#1013748)
54fc4ba 
  Information leaks to HVM guests through I/O instruction emulation
54fc4ba 
    [XSA-63, CVE-2013-4355]
54fc4ba 
  Memory accessible by 64-bit PV guests under live migration
54fc4ba 
    [XSA-64, CVE-2013-4356]
54fc4ba 
  Information leak to HVM guests through fbld instruction emulation
54fc4ba 
    [XSA-66, CVE-2013-4361]
54fc4ba
d84ee3b 
* Wed Sep 25 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-6
d84ee3b 
- Information leak on AVX and/or LWP capable CPUs [XSA-62, CVE-2013-1442]
d84ee3b 
  (#1012056)
d84ee3b
a2fa846 
* Sat Sep 14 2013 Richard W.M. Jones <rjones@redhat.com> - 4.3.0-5
a2fa846 
- Rebuild for OCaml 4.01.0.
a2fa846
0e43808 
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.3.0-4
0e43808 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
0e43808
4a92c57 
* Sat Jul 20 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-2 4.3.0-3
c67a8f8 
- build a 64-bit hypervisor on ix86
c67a8f8
a252867 
* Tue Jul 16 2013 Michael Young <m.a.young@durham.ac.uk> - 4.3.0-1
a252867 
- update to xen-4.3.0
a252867 
- rebase xen.use.fedora.ipxe.patch
a252867 
- remove patches that are now included or no longer needed
a252867 
- add polarssl source needed for stubdom build
a252867 
- remove references to ia64 in spec file (dropped upstream)
a252867 
- don't build hypervisor on ix86 (dropped upstream)
a252867 
- tools want wget (or ftp) to build
a252867 
- build XSM FLASK support into hypervisor with policy file
a252867 
- add xencov_split and xencov to files packaged, remove pdf docs
a252867 
- tidy up rpm scripts and stop enabling systemctl services on upgrade
a252867 
  now sysv is gone from Fedora
a252867 
- re-number patches
a252867
145d87a 
* Wed Jun 26 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-10
145d87a 
- XSA-45/CVE-2013-1918 breaks page reference counting [XSA-58,
145d87a 
  CVE-2013-1432] (#978383)
145d87a 
- let pygrub handle set default="${next_entry}" line in F19 (#978036)
145d87a 
- libxl: Set vfb and vkb devid if not done so by the caller (#977987)
145d87a
cf7baf5 
* Mon Jun 24 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-9
cf7baf5 
- add upstream patch for PCI passthrough problems after XSA-46 (#977310)
cf7baf5
ce170d7 
* Fri Jun 21 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-8
145d87a 
- xenstore permissions not set correctly by libxl [XSA-57,
145d87a 
  CVE-2013-2211] (#976779)
ce170d7
454702a 
* Fri Jun 14 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-7
ce170d7 
- Revised fixes for [XSA-55, CVE-2013-2194 CVE-2013-2195
ce170d7 
  CVE-2013-2196] (#970640)
454702a
73efd6b 
* Tue Jun 04 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-6
73efd6b 
- Information leak on XSAVE/XRSTOR capable AMD CPUs
73efd6b 
  [XSA-52, CVE-2013-2076] (#970206)
73efd6b 
- Hypervisor crash due to missing exception recovery on XRSTOR
73efd6b 
  [XSA-53, CVE-2013-2077] (#970204)
73efd6b 
- Hypervisor crash due to missing exception recovery on XSETBV
73efd6b 
  [XSA-54, CVE-2013-2078] (#970202)
73efd6b 
- Multiple vulnerabilities in libelf PV kernel handling
73efd6b 
  [XSA-55] (#970640)
73efd6b
91ee8cb 
* Fri May 17 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-5
91ee8cb 
- xend toolstack doesn't check bounds for VCPU affinity
91ee8cb 
  [XSA-56, CVE-2013-2072] (#964241)
91ee8cb
09cb75b 
* Tue May 14 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-4
09cb75b 
- xen-devel should require libuuid-devel (#962833)
09cb75b 
- pygrub menu items can include too much text (#958524)
09cb75b
41ce54e 
* Thu May 02 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-3
41ce54e 
- PV guests can use non-preemptible long latency operations to
41ce54e 
  mount a denial of service attack on the whole system
41ce54e 
  [XSA-45, CVE-2013-1918] (#958918)
41ce54e 
- malicious guests can inject interrupts through bridge devices to
41ce54e 
  mount a denial of service attack on the whole system
41ce54e 
  [XSA-49, CVE-2013-1952] (#958919)
41ce54e
23f894b 
* Fri Apr 26 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-2
23f894b 
- fix further man page issues to allow building on F19 and F20
23f894b
7b49c0b 
* Thu Apr 25 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.2-1
7b49c0b 
- update to xen-4.2.2
7b49c0b 
  includes fixes for
7b49c0b 
  [XSA-48, CVE-2013-1922] (Fedora doesn't use the affected code)
7b49c0b 
  passed through IRQs or PCI devices might allow denial of service attack
7b49c0b 
    [XSA-46, CVE-2013-1919] (#953568)
7b49c0b 
  SYSENTER in 32-bit PV guests on 64-bit xen can crash hypervisor
7b49c0b 
    [XSA-44, CVE-2013-1917] (#953569)
7b49c0b 
- remove patches that are included in 4.2.2
7b49c0b 
- look for libxl-save-helper in the right place
7b49c0b 
- fix xl list -l output when built with yajl2
7b49c0b 
- allow xendomains to work with xl saved images
7b49c0b
3f8fcde 
* Thu Apr 04 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-10
db9701a 
- make xendomains systemd script executable and update it from
db9701a 
  init.d version (#919705)
db9701a 
- Potential use of freed memory in event channel operations [XSA-47,
db9701a 
  CVE-2013-1920]
3f8fcde
935d4a8 
* Thu Feb 21 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-9
935d4a8 
- patch for [XSA-36, CVE-2013-0153] can cause boot time crash
935d4a8
3312db2 
* Fri Feb 15 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-8
3312db2 
- patch for [XSA-38, CVE-2013-0215] was flawed
3312db2
0b6946b 
* Fri Feb 08 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-7
0b6946b 
- BuildRequires for texlive-kpathsea-bin wasn't needed
0b6946b 
- correct gcc 4.8 fixes and follow suggestions upstream
0b6946b
958b17f 
* Tue Feb 05 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-6
958b17f 
- guest using oxenstored can crash host or exhaust memory [XSA-38,
958b17f 
  CVE-2013-0215] (#907888)
958b17f 
- guest using AMD-Vi for PCI passthrough can cause denial of service
055cd14 
  [XSA-36, CVE-2013-0153] (#910914)
70d4a6a 
- add some fixes for code which gcc 4.8 complains about
9504ea9 
- additional BuildRequires are now needed for pod2text and pod2man
5b23c5e 
  also texlive-kpathsea-bin for mktexfmt
958b17f
e41a4a2 
* Wed Jan 23 2013 Michael Young <m.a.young@durham.ac.uk>
e41a4a2 
- correct disabling of xendomains.service on uninstall
e41a4a2
66141b2 
* Tue Jan 22 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-5
66141b2 
- nested virtualization on 32-bit guest can crash host [XSA-34,
66141b2 
  CVE-2013-0151] also nested HVM on guest can cause host to run out
66141b2 
  of memory [XSA-35, CVE-2013-0152] (#902792)
66141b2 
- restore status option to xend which is used by libvirt (#893699)
66141b2
28a1615 
* Thu Jan 17 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-4
28a1615 
- Buffer overflow when processing large packets in qemu e1000 device
7b4a105 
  driver [XSA-41, CVE-2012-6075] (#910845)
28a1615
93c16a8 
* Thu Jan 10 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-3
93c16a8 
- fix some format errors in xl.cfg.pod.5 to allow build on F19
93c16a8
d0305df 
* Wed Jan 09 2013 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-2
d0305df 
- VT-d interrupt remapping source validation flaw [XSA-33,
d0305df 
    CVE-2012-5634] (#893568)
d0305df 
- pv guests can crash xen when xen built with debug=y (included for
d0305df 
    completeness - Fedora builds have debug=n) [XSA-37, CVE-2013-0154]
d0305df
a4a0b81 
* Tue Dec 18 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.1-1
a4a0b81 
- update to xen-4.2.1
a4a0b81 
- remove patches that are included in 4.2.1
a4a0b81 
- rebase xen.fedora.efi.build.patch
a4a0b81
9e3e670 
* Thu Dec 13 2012 Richard W.M. Jones <rjones@redhat.com> - 4.2.0-7
9e3e670 
- Rebuild for OCaml fix (RHBZ#877128).
9e3e670
4c26dc9 
* Mon Dec 03 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-6
4c26dc9 
- 6 security fixes
4c26dc9 
  A guest can cause xen to crash [XSA-26, CVE-2012-5510] (#883082)
4c26dc9 
  An HVM guest can cause xen to run slowly or crash [XSA-27, CVE-2012-5511]
4c26dc9 
    (#883084)
4c26dc9 
  A PV guest can cause xen to crash and might be able escalate privileges
4c26dc9 
    [XSA-29, CVE-2012-5513] (#883088)
4c26dc9 
  An HVM guest can cause xen to hang [XSA-30, CVE-2012-5514] (#883091)
4c26dc9 
  A guest can cause xen to hang [XSA-31, CVE-2012-5515] (#883092)
4c26dc9 
  A PV guest can cause xen to crash and might be able escalate privileges
fbd9715 
    [XSA-32, CVE-2012-5525] (#883094)
4c26dc9
9e2a611 
* Sat Nov 17 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-5
9e2a611 
- two build fixes for Fedora 19
9e2a611 
- add texlive-ntgclass package to fix build
9e2a611
9b3fc6f 
* Tue Nov 13 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-4
9b3fc6f 
- 4 security fixes
9b3fc6f 
  A guest can block a cpu by setting a bad VCPU deadline [XSA 20,
9b3fc6f 
    CVE-2012-4535] (#876198)
9b3fc6f 
  HVM guest can exhaust p2m table crashing xen [XSA 22, CVE-2012-4537] (#876203)
9b3fc6f 
  PAE HVM guest can crash hypervisor [XSA-23, CVE-2012-4538] (#876205)
9b3fc6f 
  32-bit PV guest on 64-bit hypervisor can cause an hypervisor infinite
9b3fc6f 
    loop [XSA-24, CVE-2012-4539] (#876207)
9b3fc6f 
- texlive-2012 is now in Fedora 18
9b3fc6f
611b5b3 
* Sun Oct 28 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-3
611b5b3 
- texlive-2012 isn't in Fedora 18 yet
611b5b3
4bae017 
* Fri Oct 26 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-2
4bae017 
- limit the size of guest kernels and ramdisks to avoid running out
4bae017 
  of memeory on dom0 during guest boot [XSA-25, CVE-2012-4544] (#870414)
4bae017
c9994c1 
* Thu Oct 25 2012 Michael Young <m.a.young@durham.ac.uk> - 4.2.0-1
c9994c1 
- update to xen-4.2.0
c9994c1 
- rebase xen-net-disable-iptables-on-bridge.patch pygrubfix.patch
c9994c1 
- remove patches that are now upstream or with alternatives upstream
c9994c1 
- use ipxe and seabios from seabios-bin and ipxe-roms-qemu packages
c9994c1 
- xen tools now need ./configure to be run (x86_64 needs libdir set)
c9994c1 
- don't build upstream qemu version
c9994c1 
- amend list of files in package - relocate xenpaging
c9994c1 
  add /etc/xen/xlexample* oxenstored.conf /usr/include/xenstore-compat/*
c9994c1 
      xenstore-stubdom.gz xen-lowmemd xen-ringwatch xl.1.gz xl.cfg.5.gz
c9994c1 
      xl.conf.5.gz xlcpupool.cfg.5.gz
c9994c1 
- use a tmpfiles.d file to create /run/xen on boot
c9994c1 
- add BuildRequires for yajl-devel and graphviz
c9994c1 
- build an efi boot image where it is supported
c9994c1 
- adjust texlive changes so spec file still works on Fedora 17
c9994c1
62b6a0a 
* Thu Oct 18 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.3-6
62b6a0a 
- add font packages to build requires due to 2012 version of texlive in F19
62b6a0a 
- use build requires of texlive-latex instead of tetex-latex which it
62b6a0a 
  obsoletes
62b6a0a
e829d3c 
* Wed Oct 17 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.3-5
e829d3c 
- rebuild for ocaml update
e829d3c
804b883 
* Thu Sep 06 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.3-4
3e8a3ab 
- disable qemu monitor by default [XSA-19, CVE-2012-4411] (#855141)
804b883
5853d0c 
* Wed Sep 05 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.3-3
5853d0c 
- 5 security fixes
5853d0c 
  a malicious 64-bit PV guest can crash the dom0 [XSA-12, CVE-2012-3494]
5853d0c 
    (#854585)
5853d0c 
  a malicious crash might be able to crash the dom0 or escalate privileges
5853d0c 
    [XSA-13, CVE-2012-3495] (#854589)
5853d0c 
  a malicious PV guest can crash the dom0 [XSA-14, CVE-2012-3496] (#854590)
5853d0c 
  a malicious HVM guest can crash the dom0 and might be able to read
5853d0c 
    hypervisor or guest memory [XSA-16, CVE-2012-3498] (#854593)
5853d0c 
  an HVM guest could use VT100 escape sequences to escalate privileges to
5853d0c 
    that of the qemu process [XSA-17, CVE-2012-3515] (#854599)
5853d0c
76997c6 
* Fri Aug 10 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.3-1 4.1.3-2
ec7aaf9 
- update to 4.1.3
ec7aaf9 
  includes fix for untrusted HVM guest can cause the dom0 to hang or
ec7aaf9 
    crash [XSA-11, CVE-2012-3433] (#843582)
ec7aaf9 
- remove patches that are now upstream
ec7aaf9 
- remove some unnecessary compile fixes
ec7aaf9 
- adjust upstream-23936:cdb34816a40a-rework for backported fix for
ec7aaf9 
    upstream-23940:187d59e32a58
ec7aaf9 
- replace pygrub.size.limits.patch with upstreamed version
76997c6 
- fix for (#845444) broke xend under systemd
ec7aaf9
32a9cc9 
* Tue Aug 07 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-25
32a9cc9 
- remove some unnecessary cache flushing that slow things down
6aac2a4 
- change python options on xend to reduce selinux problems (#845444)
32a9cc9
b9d80d7 
* Thu Jul 26 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-24
067dd5d 
- in rare circumstances an unprivileged user can crash an HVM guest
067dd5d 
  [XSA-10,CVE-2012-3432] (#843766)
b9d80d7
b1e5b4a 
* Tue Jul 24 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-23
b1e5b4a 
- add a patch to remove a dependency on PyXML and Require python-lxml
b1e5b4a 
  instead of PyXML (#842843)
b1e5b4a
891a163 
* Sun Jul 22 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-22
891a163 
- adjust systemd service files not to report failures when running without
891a163 
  a hypervisor or when xendomains.service doesn't find anything to start
891a163
0d8c99e 
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.1.2-21
0d8c99e 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
0d8c99e
a82e36f 
* Tue Jun 12 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-20
a82e36f 
- Apply three security patches
a82e36f 
  64-bit PV guest privilege escalation vulnerability [CVE-2012-0217]
a82e36f 
  guest denial of service on syscall/sysenter exception generation
a82e36f 
    [CVE-2012-0218]
a82e36f 
  PV guest host Denial of Service [CVE-2012-2934]
a82e36f
2ef8710 
* Sat Jun 09 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-19
2ef8710 
- adjust xend.service systemd file to avoid selinux problems
2ef8710
eb73cc6 
* Fri Jun 08 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-18
2ef8710 
- Enable xenconsoled by default under systemd (#829732)
eb73cc6
000a7f3 
* Thu May 17 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-16 4.1.2-17
bbba229 
- make pygrub cope better with big files from guest (#818412 CVE-2012-2625)
000a7f3 
- add patch from 4.1.3-rc2-pre to build on F17/8
bbba229
02851a1 
* Sun Apr 15 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-15
02851a1 
- Make the udev tap rule more specific as it breaks openvpn (#812421)
02851a1 
- don't try setuid in xend if we don't need to so selinux is happier
02851a1
5487ebc 
* Sat Mar 31 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-14
5487ebc 
- /var/lib/xenstored mount has wrong selinux permissions in latest Fedora
5487ebc 
- load xen-acpi-processor module (kernel 3.4 onwards) if present
5487ebc
b487af7 
* Thu Mar 08 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-13
b487af7 
- fix a packaging error
b487af7
05fd902 
* Thu Mar 08 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-12
05fd902 
- fix an error in an rpm script from the sysv configuration removal
05fd902 
- migrate xendomains script to systemd
05fd902
52354b5 
* Wed Feb 29 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-11
52354b5 
- put the systemd files back in the right place
52354b5
f81c8ad 
* Wed Feb 29 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-10
f81c8ad 
- clean up systemd and sysv configuration including removal of migrated
f81c8ad 
  sysv files for fc17+
f81c8ad
e523ff7 
* Sat Feb 18 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-9
e523ff7 
- move xen-watchdog to systemd
e523ff7
8579593 
* Wed Feb 08 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-8
8579593 
- relocate systemd files for fc17+
8579593
c694278 
* Tue Feb 07 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-7
c694278 
- move xend and xenconsoled to systemd
c694278
0f40d03 
* Thu Feb 02 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-6
0f40d03 
- Fix buffer overflow in e1000 emulation for HVM guests [CVE-2012-0029]
0f40d03
d486191 
* Sat Jan 28 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-5
d486191 
- Start building xen's ocaml libraries if appropriate unless --without ocaml
d486191 
  was specified
d486191 
- add some backported patches from xen unstable (via Debian) for some
d486191 
  ocaml tidying and fixes
d486191
6cc58a8 
* Sun Jan 15 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-4
6cc58a8 
- actually apply the xend-pci-loop.patch
6cc58a8 
- compile fixes for gcc-4.7
6cc58a8
3792f02 
* Wed Jan 11 2012 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-3
3792f02 
- Add xend-pci-loop.patch to stop xend crashing with weird PCI cards (#767742)
3792f02 
- avoid a backtrace if xend can't log to the standard file or a
3792f02 
  temporary directory (part of #741042)
3792f02
fbce2fe 
* Mon Nov 21 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-2
fbce2fe 
- Fix lost interrupts on emulated devices
fbce2fe 
- stop xend crashing if its state files are empty at start up
fbce2fe 
- avoid a python backtrace if xend is run on bare metal
fbce2fe 
- update grub2 configuration after the old hypervisor has gone
fbce2fe 
- move blktapctrl to systemd
fbce2fe 
- Drop obsolete dom0-kernel.repo file
fbce2fe
77e08f3 
* Fri Oct 21 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.2-1
77e08f3 
- update to 4.1.2
77e08f3 
  remove upstream patches xen-4.1-testing.23104 and xen-4.1-testing.23112
77e08f3
d0a8fa6 
* Fri Oct 14 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-8
d0a8fa6 
- more pygrub improvements for grub2 on guest
d0a8fa6
a6bf624 
* Thu Oct 13 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-7
a6bf624 
- make pygrub work better with GPT partitions and grub2 on guest
a6bf624
bc53f7c 
* Thu Sep 29 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-5 4.1.1-6
0d77316 
- improve systemd functionality
0d77316
4b8e3c5 
* Wed Sep 28 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-4
5a4d1c4 
- lsb header fixes - xenconsoled shutdown needs xenstored to be running
4b8e3c5 
- partial migration to systemd to fix shutdown delays
4b8e3c5 
- update grub2 configuration after hypervisor updates
0d10a54
9c05d60 
* Sun Aug 14 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-3
9c05d60 
- untrusted guest controlling PCI[E] device can lock up host CPU [CVE-2011-3131]
9c05d60
c58093c 
* Wed Jul 20 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-2
c58093c 
- clean up patch to solve a problem with hvmloader compiled with gcc 4.6
c58093c
0f0215d 
* Wed Jun 15 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.1-1
0f0215d 
- update to 4.1.1
0f0215d 
  includes various bugfixes and fix for [CVE-2011-1898] guest with pci
0f0215d 
  passthrough can gain privileged access to base domain
0f0215d 
- remove upstream cve-2011-1583-4.1.patch
0f0215d
f1397f3 
* Mon May 09 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.0-2
f1397f3 
- Overflows in kernel decompression can allow root on xen PV guest to gain
f1397f3 
  privileged access to base domain, or access to xen configuration info.
f1397f3 
  Lack of error checking could allow DoS attack from guest [CVE-2011-1583]
f1397f3 
- Don't require /usr/bin/qemu-nbd as it isn't used at present.
f1397f3
6f6eb2a 
* Fri Mar 25 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.0-1
6f6eb2a 
- update to 4.1.0 final
6f6eb2a
d48d28a 
* Tue Mar 22 2011 Michael Young <m.a.young@durham.ac.uk> - 4.1.0-0.1.rc8
d48d28a 
- update to 4.1.0-rc8 release candidate
d48d28a 
- create xen-4.1.0-rc8.tar.xz file from git/hg repositories
d48d28a 
- rebase xen-initscript.patch xen-dumpdir.patch
d48d28a 
  xen-net-disable-iptables-on-bridge.patch localgcc45fix.patch
d48d28a 
  sysconfig.xenstored init.xenstored
d48d28a 
- remove unnecessary or conflicting xen-xenstore-cli.patch localpy27fixes.patch
d48d28a 
  xen.irq.fixes.patch xen.xsave.disable.patch xen.8259afix.patch
d48d28a 
  localcleanups.patch libpermfixes.patch
d48d28a 
- add patch to allow pygrub to work with single partitions with boot sectors
d48d28a 
- create ipxe-git-v1.0.0.tar.gz from http://git.ipxe.org/ipxe.git
d48d28a 
  to avoid downloading at build time
d48d28a 
- no need to move udev rules or init scripts as now created in the right place
d48d28a 
- amend list of files shipped - remove fs-backend
d48d28a 
  add init.d scripts xen-watchdog xencommons
d48d28a 
  add config files xencommons xl.conf cpupool
d48d28a 
  add programs kdd tap-ctl xen-hptool xen-hvmcrash xenwatchdogd
d48d28a
bffb2b7 
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.1-10
bffb2b7 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
bffb2b7
f13c240 
* Mon Jan 31 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-9
f13c240 
- Make libraries executable so that rpm gets dependencies right
f13c240
b3de545 
* Sat Jan 29 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-8
b3de545 
- Temporarily turn off some compile options so it will build on rawhide
b3de545
10e062d 
* Fri Jan 28 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-7
10e062d 
- ghost directories in /var/run (#656724)
10e062d 
- minor fixes to /usr/share/doc/xen-doc-4.?.?/misc/network_setup.txt (#653159)
10e062d 
  /etc/xen/scripts/network-route, /etc/xen/scripts/vif-common.sh (#669747)
10e062d 
  and /etc/sysconfig/modules/xen.modules (#656536)
10e062d
0e39189 
* Tue Oct 12 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-6
0e39189 
- add upstream xen patch xen.8259afix.patch to fix boot panic
0e39189 
  "IO-APIC + timer doesn't work!" (#642108)
0e39189
3150dfe 
* Thu Oct 07 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-5
3150dfe 
- add ext4 support for pvgrub (grub-ext4-support.patch from grub-0.97-66.fc14)
3150dfe
Jesse Keating 9e94f45 
* Wed Sep 29 2010 jkeating - 4.0.1-4
Jesse Keating 9e94f45 
- Rebuilt for gcc bug 634757
Jesse Keating 9e94f45
883e72b 
* Fri Sep 24 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-3
883e72b 
- create symlink for qemu-dm on x86_64 for compatibility with 3.4
883e72b 
- apply some patches destined for 4.0.2
883e72b 
    add some irq fixes
883e72b 
    disable xsave which causes problems for HVM
883e72b
f4706b0 
* Sun Aug 29 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-2
f4706b0 
- fix compile problems on Fedora 15, I suspect due to gcc 4.5.1
f4706b0
34085e7 
* Wed Aug 25 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-1
34085e7 
- update to 4.0.1 release - many bug fixes
34085e7 
- xen-dev-create-cleanup.patch no longer needed
34085e7 
- remove part of localgcc45fix.patch no longer needed
34085e7 
- package new files /etc/bash_completion.d/xl.sh
34085e7 
  and /usr/sbin/gdbsx
34085e7 
- add patch to get xm and xend working with python 2.7
34085e7
4c0d7d0 
* Mon Aug 2 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.0-5
4c0d7d0 
- add newer module names and xen-gntdev to xen.modules
4c0d7d0 
- Update dom0-kernel.repo file to use repos.fedorapeople.org location
4c0d7d0
4c0d7d0 
* Mon Jul 26 2010 Michael Young <m.a.young@durham.ac.uk>
c6a6ecc 
- create a xen-licenses package to satisfy revised the Fedora
c6a6ecc 
  Licensing Guidelines
c6a6ecc
2971dc2 
* Sun Jul 25 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.0-4
2971dc2 
- fix gcc 4.5 compile problems
2971dc2
3033f8f 
* Thu Jul 22 2010 David Malcolm <dmalcolm@redhat.com> - 4.0.0-3
3033f8f 
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
3033f8f
496a6aa 
* Sun Jun 20 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.0-2
496a6aa 
- add patch to remove some old device creation code that doesn't
496a6aa 
  work with the latest pvops kernels
496a6aa
9e2a611 
* Mon Jun 7 2010 Michael Young <m.a.young@durham.ac.uk> - 4.0.0-1
940f206 
- update to 4.0.0 release
940f206 
- rebase xen-initscript.patch and xen-dumpdir.patch patches
940f206 
- adjust spec file for files added to or removed from the packages
940f206 
- add new build dependencies libuuid-devel and iasl
940f206
e594e25 
* Tue Jun 1 2010 Michael Young <m.a.young@durham.ac.uk> - 3.4.3-1
e594e25 
- update to 3.4.3 release including
e594e25 
    support for latest pv_ops kernels (possibly incomplete)
e594e25 
    should fix build problems (#565063) and crashes (#545307)
e594e25 
- replace Prereq: with Requires: in spec file
e594e25 
- drop static libraries (#556101)
e594e25
ea64d6e 
* Thu Dec 10 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.2-2
ea64d6e 
- adapt module load script to evtchn.ko -> xen-evtchn.ko rename.
ea64d6e
624afb8 
* Thu Dec 10 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.2-1
624afb8 
- update to 3.4.2 release.
624afb8 
- drop backport patches.
624afb8
9e2a611 
* Thu Oct 8 2009 Justin M. Forbes <jforbes@redhat.com> - 3.4.1-5
cfdffb8 
- add PyXML to dependencies. (#496135)
cfdffb8 
- Take ownership of {_libdir}/fs (#521806)
cfdffb8
bd0a32e 
* Mon Sep 14 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.1-4
bd0a32e 
- add e2fsprogs-devel to build dependencies.
bd0a32e
9e2a611 
* Wed Sep 2 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.1-3
fe28857 
- swap bzip2+xz linux kernel compression support patches.
fe28857 
- backport one more bugfix (videoram option).
fe28857
fb6615d 
* Tue Sep 1 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.1-2
fb6615d 
- backport bzip2+xz linux kernel compression support.
fb6615d 
- backport a few bugfixes.
fb6615d
711f33f 
* Fri Aug 7 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.1-1
b68532d 
- update to 3.4.1 release.
b68532d
223f13c 
* Wed Aug 5 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.0-4
223f13c 
- Kill info files.  No xen docs, just standard gnu stuff.
223f13c 
- kill -Werror in tools/libxc to fix build.
223f13c
7e3a676 
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.4.0-3
7e3a676 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
7e3a676
e28cef0 
* Thu May 28 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.0-2
e28cef0 
- rename info files to fix conflict with binutils.
e28cef0 
- add install-info calls for the doc subpackage.
e28cef0 
- un-parallelize doc build.
e28cef0
befec2e 
* Wed May 27 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.4.0-1
befec2e 
- update to version 3.4.0.
befec2e 
- cleanup specfile, add doc subpackage.
befec2e
f49bf52 
* Tue Mar 10 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-11
ce25e4f 
- fix python 2.6 warnings.
ce25e4f
250002d 
* Fri Mar 6 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-9
b918b9d 
- fix xen.modules init script for pv_ops kernel.
b918b9d 
- stick rpm release tag into XEN_VENDORVERSION.
b918b9d 
- use %{ix86} macro in ExclusiveArch.
250002d 
- keep blktapctrl turned off by default.
b918b9d
fd00dc7 
* Mon Mar 2 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-7
fd00dc7 
- fix xenstored init script for pv_ops kernel.
fd00dc7
5b4649f 
* Fri Feb 27 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-6
5b4649f 
- fix xenstored crash.
5b4649f 
- backport qemu-unplug patch.
5b4649f
b6a1b37 
* Tue Feb 24 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-5
9503b0f 
- fix gcc44 build (broken constrain in inline asm).
b6a1b37 
- fix ExclusiveArch
9503b0f
e074fbd 
* Tue Feb 3 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-3
e074fbd 
- backport bzImage support for dom0 builder.
e074fbd
367f3c6 
* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 3.3.1-2
367f3c6 
- rebuild with new openssl
367f3c6
fb24ce0 
* Thu Jan 8 2009 Gerd Hoffmann <kraxel@redhat.com> - 3.3.1-1
fb24ce0 
- update to xen 3.3.1 release.
fb24ce0
4fdf0a2 
* Wed Dec 17 2008 Gerd Hoffmann <kraxel@redhat.com> - 3.3.0-2
4fdf0a2 
- build and package stub domains (pvgrub, ioemu).
4fdf0a2 
- backport unstable fixes for pv_ops dom0.
4fdf0a2
cd1b309 
* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 3.3.0-1.1
cd1b309 
- Rebuild for Python 2.6
cd1b309
77513e5 
* Fri Aug 29 2008 Daniel P. Berrange <berrange@redhat.com> - 3.3.0-1.fc10
77513e5 
- Update to xen 3.3.0 release
77513e5
17764ba 
* Wed Jul 23 2008 Mark McLoughlin <markmc@redhat.com> - 3.2.0-17.fc10
17764ba 
- Enable xen-hypervisor build
17764ba 
- Backport support for booting DomU from bzImage
17764ba 
- Re-diff all patches for zero fuzz
17764ba
42ac6ee 
* Wed Jul  9 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-16.fc10
42ac6ee 
- Remove bogus ia64 hypercall arg (rhbz #433921)
42ac6ee
Markus Armbruster afaecd2 
* Fri Jun 27 2008 Markus Armbruster <armbru@redhat.com> - 3.2.0-15.fc10
Markus Armbruster afaecd2 
- Re-enable QEMU image format auto-detection, without the security
Markus Armbruster afaecd2 
  loopholes
Markus Armbruster afaecd2
eae8450 
* Wed Jun 25 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-14.fc10
eae8450 
- Rebuild for GNU TLS ABI change
eae8450
Markus Armbruster cd5c678 
* Fri Jun 13 2008 Markus Armbruster <armbru@redhat.com> - 3.2.0-13.fc10
Markus Armbruster cd5c678 
- Correctly limit PVFB size (CVE-2008-1952)
Markus Armbruster cd5c678
25f0a97 
* Tue Jun  3 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-12.fc10
25f0a97 
- Move /var/run/xend into xen-runtime for pygrub (rhbz #442052)
25f0a97
Markus Armbruster 1ef04ff 
* Wed May 14 2008 Markus Armbruster <armbru@redhat.com> - 3.2.0-11.fc10
Markus Armbruster 1ef04ff 
- Disable QEMU image format auto-detection (CVE-2008-2004)
Markus Armbruster 1ef04ff 
- Fix PVFB to validate frame buffer description (CVE-2008-1943)
Markus Armbruster 1ef04ff
8262cb8 
* Wed Feb 27 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-10.fc9
8262cb8 
- Fix block device checks for extendable disk formats
8262cb8
fd1d493 
* Wed Feb 27 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-9.fc9
fd1d493 
- Let XenD setup QEMU logfile (rhbz #435164)
fd1d493 
- Fix PVFB use of event channel filehandle
fd1d493
44f6e8b 
* Sat Feb 23 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-8.fc9
44f6e8b 
- Fix block device extents check (rhbz #433560)
44f6e8b
8d5f5c2 
* Mon Feb 18 2008 Mark McLoughlin <markmc@redhat.com> - 3.2.0-7.fc9
8d5f5c2 
- Restore some network-bridge patches lost during 3.2.0 rebase
8d5f5c2
e3fd519 
* Wed Feb  6 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-6.fc9
e3fd519 
- Fixed xenstore-ls to automatically use xenstored socket as needed
e3fd519
edf1911 
* Sun Feb  3 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-5.fc9
edf1911 
- Fix timer mode parameter handling for HVM
edf1911 
- Temporarily disable all Latex docs due to texlive problems (rhbz #431327)
edf1911
b93c39f 
* Fri Feb  1 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-4.fc9
b93c39f 
- Add a xen-runtime subpackage to allow use of Xen without XenD
b93c39f 
- Split init script out to one script per daemon
b93c39f 
- Remove unused / broken / obsolete tools
b93c39f
b93c39f 
* Mon Jan 21 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-3.fc9
b93c39f 
- Remove legacy dependancy on python-virtinst
b93c39f
8d9ff1f 
* Mon Jan 21 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-2.fc9
8d9ff1f 
- Added XSM header files to -devel RPM
8d9ff1f
9b693aa 
* Fri Jan 18 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-1.fc9
9b693aa 
- Updated to 3.2.0 final release
9b693aa
5d197d9 
* Thu Jan 10 2008 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-0.fc9.rc5.dev16701.1
5d197d9 
- Rebase to Xen 3.2 rc5 changeset 16701
5d197d9
e843eee 
* Thu Dec 13 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.2-3.fc9
e843eee 
- Re-factor to make it easier to test dev trees in RPMs
e843eee 
- Include hypervisor build if doing a dev RPM
e843eee
e843eee 
* Fri Dec 07 2007 Release Engineering <rel-eng@fedoraproject.org> - 3.1.2-2.fc9
3ce1d04 
- Rebuild for deps
3ce1d04
2e5da8c 
* Sat Dec  1 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.2-1.fc9
2e5da8c 
- Upgrade to 3.1.2 bugfix release
2e5da8c
e51e777 
* Sat Nov  3 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-14.fc9
e51e777 
- Disable network-bridge script since it conflicts with NetworkManager
e51e777 
  which is now on by default
e51e777
2429a0b 
* Fri Oct 26 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-13.fc9
2429a0b 
- Fixed xenbaked tmpfile flaw (CVE-2007-3919)
2429a0b
4057571 
* Wed Oct 10 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-12.fc8
4057571 
- Pull in QEMU BIOS boot menu patch from KVM package
f439126 
- Fix QEMU patch for locating x509 certificates based on command line args
f439126 
- Add XenD config options for TLS x509 certificate setup
4057571
ca4c42e 
* Wed Sep 26 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-11.fc8
ca4c42e 
- Fixed rtl8139 checksum calculation for Vista (rhbz #308201)
ca4c42e
886e707 
* Wed Sep 26 2007 Chris Lalancette <clalance@redhat.com> - 3.1.0-10.fc8
886e707 
- QEmu NE2000 overflow check - CVE-2007-1321
886e707 
- Pygrub guest escape - CVE-2007-4993
886e707
258a389 
* Mon Sep 24 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-9.fc8
258a389 
- Fix generation of manual pages (rhbz #250791)
056c265 
- Really fix FC-6 32-on-64 guests
258a389
d797a5a 
* Mon Sep 24 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-8.fc8
258a389 
- Make 32-bit FC-6 guest PVFB work on x86_64 host
d797a5a
90684d3 
* Mon Sep 24 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-7.fc8
90684d3 
- Re-add support for back-compat FC6 PVFB support
90684d3 
- Fix handling of explicit port numbers (rhbz #279581)
90684d3
772cc64 
* Wed Sep 19 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-6.fc8
772cc64 
- Don't clobber the VIF type attribute in FV guests (rhbz #296061)
772cc64
28b7376 
* Tue Aug 28 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-5.fc8
28b7376 
- Added dep on openssl for blktap-qcow
28b7376
94aa64e 
* Tue Aug 28 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-4.fc8
94aa64e 
- Switch PVFB over to use QEMU
94aa64e 
- Backport QEMU VNC security patches for TLS/x509
94aa64e
Markus Armbruster 0f978b1 
* Wed Aug  1 2007 Markus Armbruster <armbru@redhat.com> - 3.1.0-3.fc8
Markus Armbruster 0f978b1 
- Put guest's native protocol ABI into xenstore, to provide for older
Markus Armbruster 0f978b1 
  kernels running 32-on-64.
Markus Armbruster 0f978b1 
- VNC keymap fixes
Markus Armbruster 0f978b1 
- Fix race conditions in LibVNCServer on client disconnect
Markus Armbruster 0f978b1
6645a82 
* Tue Jun 12 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-2.fc8
6645a82 
- Remove patch which kills VNC monitor
6645a82 
- Fix HVM save/restore file path to be /var/lib/xen instead of /tmp
6645a82 
- Don't spawn a bogus xen-vncfb daemon for HVM guests
6645a82 
- Add persistent logging of hypervisor & guest consoles
6645a82 
- Add /etc/sysconfig/xen to allow admin choice of logging options
6645a82 
- Re-write Xen startup to use standard init script functions
6645a82 
- Add logrotate configuration for all xen related logs
6645a82
d006c29 
* Fri May 25 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-1.fc8
5aa672f 
- Updated to official 3.1.0 tar.gz
5aa672f 
- Fixed data corruption from VNC client disconnect (bz 241303)
5aa672f
ac1e11a 
* Thu May 17 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-0.rc7.2.fc7
ac1e11a 
- Ensure xen-vncfb processes are cleanedup if guest quits (bz 240406)
ac1e11a 
- Tear down guest if device hotplug fails
ac1e11a
5f943e6 
* Thu May  3 2007 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-0.rc7.1.fc7
5f943e6 
- Updated to 3.1.0 rc7, changeset  15021 (upstream renumbered from 3.0.5)
5f943e6
273ef68 
* Tue May  1 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc4.4.fc7
273ef68 
- Fix op_save RPC API
273ef68
de12dc6 
* Mon Apr 30 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc4.3.fc7
de12dc6 
- Added BR on gettext
de12dc6
ae2a460 
* Mon Apr 30 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc4.2.fc7
ae2a460 
- Redo failed build.
ae2a460
096de1e 
* Mon Apr 30 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc4.1.fc7
096de1e 
- Updated to 3.0.5 rc4, changeset 14993
096de1e 
- Reduce number of xenstore transactions used for listing domains
096de1e 
- Hack to pre-balloon 2 MB for PV guests as well as HVM
096de1e
096de1e 
* Thu Apr 26 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc3.14934.2.fc7
096de1e 
- Fixed display of bootloader menu with xm create -c
096de1e 
- Added modprobe for both xenblktap & blktap to deal with rename issues
096de1e 
- Hack to pre-balloon 10 MB for HVM guests
096de1e
096de1e 
* Thu Apr 26 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc3.14934.1.fc7
096de1e 
- Updated to 3.0.5 rc3, changeset 14934
096de1e 
- Fixed networking for service xend restart & minor IPv6 tweak
096de1e
096de1e 
* Tue Apr 24 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc2.14889.2.fc7
096de1e 
- Fixed vfb/vkbd device startup race
096de1e
096de1e 
* Tue Apr 24 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.5-0.rc2.14889.1.fc7
096de1e 
- Updated to xen 3.0.5 rc2, changeset 14889
096de1e 
- Remove use of netloop from network-bridge script
096de1e 
- Add backcompat support to vif-bridge script to translate xenbrN to ethN
096de1e
c3f4538 
* Wed Mar 14 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-9.fc7
c3f4538 
- Disable access to QEMU monitor over VNC (CVE-2007-0998, bz 230295)
c3f4538
fe28fd2 
* Tue Mar  6 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-8.fc7
fe28fd2 
- Close QEMU file handles when running network script
fe28fd2
fe28fd2 
* Fri Mar  2 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-7.fc7
9f12602 
- Fix interaction of bootloader with blktap (bz 230702)
fe28fd2 
- Ensure PVFB daemon terminates if domain doesn't startup (bz 230634)
9f12602
fe28fd2 
* Thu Feb  8 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-6.fc7
63666bb 
- Setup readonly loop devices for readonly disks
63666bb 
- Extended error reporting for hotplug scripts
63666bb 
- Pass all 8 mouse buttons from VNC through to kernel
63666bb
2c5faf7 
* Tue Jan 30 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-5.fc7
2c5faf7 
- Don't run the pvfb daemons for HVM guests (bz 225413)
2c5faf7 
- Fix handling of vnclisten parameter for HVM guests
2c5faf7
53a13fb 
* Tue Jan 30 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-4.fc7
53a13fb 
- Fix pygrub memory corruption
53a13fb
53a13fb 
* Tue Jan 23 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-3.fc7
d00c194 
- Added PVFB back compat for FC5/6 guests
d00c194
d00c194 
* Mon Jan 22 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-2.fc7
4cde606 
- Ensure the arch-x86 header files are included in xen-devel package
4cde606 
- Bring back patch to move /var/xen/dump to /var/lib/xen/dump
4cde606 
- Make /var/log/xen mode 0700
4cde606
274378c 
* Thu Jan 11 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.4-1
274378c 
- Upgrade to official xen-3.0.4_1 release tarball
274378c
2aeac4d 
* Thu Dec 14 2006 Jeremy Katz <katzj@redhat.com> - 3.0.3-3
2aeac4d 
- fix the build
2aeac4d
acbbe72 
* Thu Dec  7 2006 Jeremy Katz <katzj@redhat.com> - 3.0.3-2
acbbe72 
- rebuild for python 2.5
acbbe72
8ac218c 
* Tue Oct 24 2006 Daniel P. Berrange <berrange@redhat.com> - 3.0.3-1
8ac218c 
- Pull in the official 3.0.3 tarball of xen (changeset 11774).
8ac218c 
- Add patches for VNC password authentication (bz 203196)
8ac218c 
- Switch /etc/xen directory to be mode 0700 because the config files
8ac218c 
  can contain plain text passwords (bz 203196)
8ac218c 
- Change the package dependency to python-virtinst to reflect the
8ac218c 
  package name change.
8ac218c 
- Fix str-2-int cast of VNC port for paravirt framebuffer (bz 211193)
8ac218c
88c194b 
* Wed Oct  4 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-44
88c194b 
- fix having "many" kernels in pygrub
88c194b
Stephen Tweedie 55f2e4f 
* Wed Oct  4 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-43
Stephen Tweedie 55f2e4f 
- Fix SMBIOS tables for SVM guests [danpb] (bug 207501)
Stephen Tweedie 55f2e4f
7f94fb3 
* Fri Sep 29 2006 Daniel P. Berrange <berrange@redhat.com> - 3.0.2-42
7f94fb3 
- Added vnclisten patches to make VNC only listen on localhost
7f94fb3 
  out of the box, configurable by 'vnclisten' parameter (bz 203196)
7f94fb3
Stephen Tweedie cc84a62 
* Thu Sep 28 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-41
Stephen Tweedie cc84a62 
- Update to xen-3.0.3-testing changeset 11633
Stephen Tweedie cc84a62
Stephen Tweedie 599e0d6 
* Thu Sep 28 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-40
Stephen Tweedie 599e0d6 
- Workaround blktap/xenstore startup race
Stephen Tweedie 599e0d6 
- Add udev rules for xen blktap devices (srostedt)
Stephen Tweedie 599e0d6 
- Add support for dynamic blktap device nodes (srostedt)
Stephen Tweedie 599e0d6 
- Fixes for infinite dom0 cpu usage with blktap
Stephen Tweedie 599e0d6 
- Fix xm not to die on malformed "tap:" blkif config string
Stephen Tweedie 599e0d6 
- Enable blktap on kernels without epoll-for-aio support.
Stephen Tweedie 599e0d6 
- Load the blktap module automatically at startup
Stephen Tweedie 599e0d6 
- Reenable blktapctrl
Stephen Tweedie 599e0d6
a9475ad 
* Wed Sep 27 2006 Daniel Berrange <berrange@redhat.com> - 3.0.2-39
a9475ad 
- Disable paravirt framebuffer server side rendered cursor (bz 206313)
a9475ad 
- Ignore SIGPIPE in paravirt framebuffer daemon to avoid terminating
a9475ad 
  on client disconnects while writing data (bz 208025)
a9475ad
9cbacce 
* Wed Sep 27 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-38
9cbacce 
- Fix cursor in pygrub (#208041)
9cbacce
04a0fb1 
* Tue Sep 26 2006 Daniel P. Berrange <berrange@redhat.com> - 3.0.2-37
04a0fb1 
- Removed obsolete scary warnings in package description
04a0fb1
Stephen Tweedie 00956fb 
* Thu Sep 21 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-36
Stephen Tweedie 00956fb 
- Add Requires: kpartx for dom0 access to domU data
Stephen Tweedie 00956fb
Stephen Tweedie 63b6812 
* Wed Sep 20 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-35
Stephen Tweedie 63b6812 
- Don't strip qemu-dm early, so that we get proper debuginfo (danpb)
Stephen Tweedie 63b6812 
- Fix compile problem with latest glibc
Stephen Tweedie 63b6812
Stephen Tweedie 63b6812 
* Wed Sep 20 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-34
Stephen Tweedie 63b6812 
- Update to xen-unstable changeset 11539
Stephen Tweedie 63b6812 
- Threading fixes for libVNCserver (danpb)
Stephen Tweedie 63b6812
275ab01 
* Tue Sep  5 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-33
275ab01 
- update pvfb patch based on upstream feedback
275ab01
f33e7da 
* Tue Sep  5 2006 Juan Quintela <quintela@redhat.com> - 3.0.2-31
f33e7da 
- re-enable ia64.
f33e7da
d36143f 
* Thu Aug 31 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-31
d36143f 
- update to changeset 11405
d36143f
d36143f 
* Thu Aug 31 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-30
d36143f 
- fix pvfb for x86_64
d36143f
457b7d6 
* Wed Aug 30 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-29
457b7d6 
- update libvncserver to hopefully fix problems with vnc clients disconnecting
457b7d6
1eab2d3 
* Tue Aug 29 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-28
1eab2d3 
- fix a typo
1eab2d3
6533f13 
* Mon Aug 28 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-27
6533f13 
- add support for paravirt framebuffer
6533f13
9a7748e 
* Mon Aug 28 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-26
9a7748e 
- update to xen-unstable cs 11251
9a7748e 
- clean up patches some
a832954 
- disable ia64 as it doesn't currently build
9a7748e
3ced529 
* Tue Aug 22 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-25
3ced529 
- make initscript not spew on non-xen kernels (#202945)
3ced529
9c1062f 
* Mon Aug 21 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-24
9c1062f 
- remove copy of xenguest-install from this package, require
9c1062f 
  python-xeninst (the new home of xenguest-install)
9c1062f
c859ee3 
* Wed Aug  2 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-23
c859ee3 
- add patch to fix rtl8139 in FV, switch it back to the default nic
c859ee3 
- add necessary ia64 patches (#201040)
c859ee3 
- build on ia64
c859ee3
d260f04 
* Fri Jul 28 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-22
d260f04 
- add patch to fix net devices for HVM guests
d260f04
riel 83eb99d 
* Fri Jul 28 2006 Rik van Riel <riel@redhat.com> - 3.0.2-21
riel 83eb99d 
- make sure disk IO from HVM guests actually hits disk (#198851)
riel 83eb99d
75dd604 
* Fri Jul 28 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-20
75dd604 
- don't start blktapctrl for now
75dd604 
- fix HVM guest creation in xenguest-install
75dd604 
- make sure log files have the right SELinux label
75dd604
061e3ec 
* Tue Jul 25 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-19
061e3ec 
- fix libblktap symlinks (#199820)
061e3ec 
- make libxenstore executable (#197316)
061e3ec 
- version libxenstore (markmc)
061e3ec
75a3df7 
* Fri Jul 21 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-18
75a3df7 
- include /var/xen/dump in file list
75a3df7 
- load blkbk, netbk and netloop when xend starts
75a3df7 
- update to cs 10712
9577c07 
- avoid file conflicts with qemu (#199759)
75a3df7
760bfc2 
* Wed Jul 19 2006 Mark McLoughlin <markmc@redhat.com> - 3.0.2-17
760bfc2 
- libxenstore is unversioned, so make xen-libs own it rather
760bfc2 
  than xen-devel
760bfc2
e641aa5 
* Wed Jul 19 2006 Mark McLoughlin <markmc@redhat.com> 3.0.2-16
e641aa5 
- Fix network-bridge error (#199414)
e641aa5
a63f558 
* Mon Jul 17 2006 Daniel Veillard <veillard@redhat.com> - 3.0.2-15
a63f558 
- desactivating the relocation server in xend conf by default and
a63f558 
  add a warning text about it.
a63f558
Stephen Tweedie b441e8c 
* Thu Jul 13 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-14
Stephen Tweedie b441e8c 
- Compile fix: don't #include <linux/compiler.h>
Stephen Tweedie b441e8c
Stephen Tweedie faecd2a 
* Thu Jul 13 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-13
Stephen Tweedie faecd2a 
- Update to xen-unstable cset 10675
Stephen Tweedie faecd2a 
- Remove internal libvncserver build, new qemu device model has its own one
Stephen Tweedie faecd2a 
  now.
Stephen Tweedie faecd2a 
- Change default FV NIC model from rtl8139 to ne2k_pci until the former works
Stephen Tweedie faecd2a 
  better
Stephen Tweedie faecd2a
edce51f 
* Tue Jul 11 2006 Daniel Veillard <veillard@redhat.com> - 3.0.2-12
edce51f 
- bump libvirt requires to 0.1.2
edce51f 
- drop xend httpd localhost server and use the unix socket instead
edce51f
6329324 
* Mon Jul 10 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-11
6329324 
- split into main packages + -libs and -devel subpackages for #198260
6329324 
- add patch from jfautley to allow specifying other bridge for
6329324 
  xenguest-install (#198097)
6329324
ad30e54 
* Mon Jul  3 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-10
ad30e54 
- make xenguest-install work with relative paths to disk
ad30e54 
  images (markmc, #197518)
ad30e54
5140d05 
* Fri Jun 23 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-9
5140d05 
- own /var/run/xend for selinux (#196456, #195952)
5140d05
e7adc39 
* Tue Jun 13 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-8
e7adc39 
- fix syntax error in xenguest-install
e7adc39
9e183c3 
* Mon Jun 12 2006 Daniel Veillard <veillard@redhat.com> - 3.0.2-7
9e183c3 
- more initscript patch to report status #184452
9e183c3
Stephen Tweedie 1023b64 
* Wed Jun  7 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-6
Stephen Tweedie 1023b64 
- Add BuildRequires: for gnu/stubs-32.h so that x86_64 builds pick up
Stephen Tweedie 1023b64 
  glibc32 correctly
Stephen Tweedie 1023b64
Stephen Tweedie 6e3cdb3 
* Wed Jun  7 2006 Stephen C. Tweedie <sct@redhat.com> - 3.0.2-5
Stephen Tweedie 6e3cdb3 
- Rebase to xen-unstable cset 10278
Stephen Tweedie 6e3cdb3
df62e00 
* Fri May  5 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-4
df62e00 
- update to new snapshot (changeset 9925)
df62e00
17143cc 
* Thu Apr 27 2006 Daniel Veillard <veillard@redhat.com> - 3.0.2-3
17143cc 
- xen.h now requires xen-compat.h, install it too
17143cc
86c7712 
* Wed Apr 26 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-2
86c7712 
- -m64 patch isn't needed anymore either
86c7712
ff5c4a8 
* Tue Apr 25 2006 Jeremy Katz <katzj@redhat.com> - 3.0.2-1
ff5c4a8 
- update to post 3.0.2 snapshot (changeset:   9744:1ad06bd6832d)
ff5c4a8 
- stop applying patches that are upstreamed
ff5c4a8 
- add patches for bootloader to run on all domain creations
ff5c4a8 
- make xenguest-install create a persistent uuid
ff5c4a8 
- use libvirt for domain creation in xenguest-install, slightly improve
ff5c4a8 
  error handling
ff5c4a8
4483627 
* Tue Apr 18 2006 Daniel Veillard <veillard@redhat.com> - 3.0.1-5
4483627 
- augment the close on exec patch with the fix for #188361
4483627
bfc699f 
* Thu Mar  9 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-4
bfc699f 
- add udev rule so that /dev/xen/evtchn gets created properly
bfc699f 
- make pygrub not use /tmp for SELinux
bfc699f 
- make xenguest-install actually unmount its nfs share.  also, don't use /tmp
bfc699f
1b8338c 
* Tue Mar  7 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-3
1b8338c 
- set /proc/xen/privcmd and /var/log/xend-debug.log as close on exec to avoid
1b8338c 
  SELinux problems
96b0240 
- give better feedback on invalid urls (#184176)
1b8338c
Stephen Tweedie 52a1c70 
* Mon Mar  6 2006 Stephen Tweedie <sct@redhat.com> - 3.0.1-2
Stephen Tweedie 52a1c70 
- Use kva mmap to find the xenstore page (upstream xen-unstable cset 9130)
Stephen Tweedie 52a1c70
4ce1054 
* Mon Mar  6 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-1
4ce1054 
- fix xenguest-install so that it uses phy: for block devices instead of
4ce1054 
  forcing them over loopback.
4ce1054 
- change package versioning to be a little more accurate
4ce1054
Stephen Tweedie fb89ad4 
* Thu Mar  2 2006 Stephen Tweedie <sct@redhat.com> - 3.0.1-0.20060301.fc5.3
Stephen Tweedie fb89ad4 
- Remove unneeded CFLAGS spec file hack
Stephen Tweedie fb89ad4
riel 3a12e29 
* Thu Mar  2 2006 Rik van Riel <riel@redhat.com> - 3.0.1-0.20060301.fc5.2
riel 3a12e29 
- fix 64 bit CFLAGS issue with vmxloader and hvmloader
riel 3a12e29
Stephen Tweedie 133e2bd 
* Wed Mar  1 2006 Stephen Tweedie <sct@redhat.com> - 3.0.1-0.20060301.fc5.1
Stephen Tweedie 133e2bd 
- Update to xen-unstable cset 9022
Stephen Tweedie 133e2bd
Stephen Tweedie e14084f 
* Tue Feb 28 2006 Stephen Tweedie <sct@redhat.com> - 3.0.1-0.20060228.fc5.1
Stephen Tweedie e14084f 
- Update to xen-unstable cset 9015
Stephen Tweedie e14084f
cec3a29 
* Thu Feb 23 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-0.20060208.fc5.3
ec0f70b 
- add patch to ensure we get a unique fifo for boot loader (#182328)
ec0f70b 
- don't try to read the whole disk if we can't find a partition table
ec0f70b 
  with pygrub
cec3a29 
- fix restarting of domains (#179677)
ec0f70b
8a29cb8 
* Thu Feb  9 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-0.20060208.fc5.2
8a29cb8 
- fix -h conflict for xenguest-isntall
8a29cb8
babd55c 
* Wed Feb  8 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-0.20060208.fc5.1
babd55c 
- turn on http listener so you can do things with libvir as a user
babd55c
28bf6a5 
* Wed Feb  8 2006 Jeremy Katz <katzj@redhat.com> - 3.0.1-0.20060208.fc5
28bf6a5 
- update to current hg snapshot for HVM support
28bf6a5 
- update xenguest-install for hvm changes.  allow hvm on svm hardware
28bf6a5 
- fix a few little xenguest-install bugs
28bf6a5
2a1c33d 
* Tue Feb  7 2006 Jeremy Katz <katzj@redhat.com> - 3.0-0.20060130.fc5.6
2a1c33d 
- add a hack to fix VMX guests with video to balloon enough (#180375)
2a1c33d
e2b0a96 
* Tue Feb  7 2006 Jeremy Katz <katzj@redhat.com> - 3.0-0.20060130.fc5.5
e2b0a96 
- fix build for new udev
e2b0a96
ce08367 
* Tue Feb  7 2006 Jeremy Katz <katzj@redhat.com> - 3.0-0.20060130.fc5.4
547ac9f 
- patch from David Lutterkort to pass macaddr (-m) to xenguest-install
a56e167 
- rework xenguest-install a bit so that it can be used for creating
a56e167 
  fully-virtualized guests as well as paravirt.  Run with --help for
a56e167 
  more details (or follow the prompts)
48e8217 
- add more docs (noticed by Andrew Puch)
547ac9f
1962ecd 
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 3.0-0.20060130.fc5.3.1
1962ecd 
- rebuilt for new gcc4.1 snapshot and glibc changes
1962ecd
f356409 
* Thu Feb  2 2006 Bill Nottingham <notting@redhat.com> 3.0-0.20060130.fc5.3
f356409 
- disable iptables/ip6tables/arptables on bridging when bringing up a
f356409 
  Xen bridge. If complicated filtering is needed that uses this, custom
f356409 
  firewalls will be needed. (#177794)
f356409
f356409 
* Tue Jan 31 2006 Bill Nottingham <notting@redhat.com> 3.0-0.20060130.fc5.2
d0c6dbb 
- use the default network device, don't hardcode eth0
d0c6dbb
Stephen Tweedie 02687b4 
* Tue Jan 31 2006  <sct@redhat.com> - 3.0-0.20060130.fc5.1
Stephen Tweedie 02687b4 
- Add xenguest-install.py in /usr/sbin
Stephen Tweedie 02687b4
Stephen Tweedie 2b45f05 
* Mon Jan 30 2006  <sct@redhat.com> - 3.0-0.20060130.fc5
Stephen Tweedie 2b45f05 
- Update to xen-unstable from 20060130 (cset 8705)
Stephen Tweedie 2b45f05
330f6e5 
* Wed Jan 25 2006 Jeremy Katz <katzj@redhat.com> - 3.0-0.20060110.fc5.5
330f6e5 
- buildrequire dev86 so that vmx firmware gets built
330f6e5 
- include a copy of libvncserver and build vmx device models against it
330f6e5
493e9c3 
* Tue Jan 24 2006 Bill Nottingham <notting@redhat.com> - 3.0-0.20060110.fc5.4
493e9c3 
- only put the udev rules in one place
493e9c3
55b6f77 
* Fri Jan 20 2006 Jeremy Katz <katzj@redhat.com> - 3.0-0.20060110.fc5.3
55b6f77 
- move xsls to xenstore-ls to not conflict (#171863)
55b6f77
Stephen Tweedie 55eaa73 
* Tue Jan 10 2006  <sct@redhat.com> - 3.0-0.20060110.fc5.1
Stephen Tweedie 55eaa73 
- Update to xen-unstable from 20060110 (cset 8526)
Stephen Tweedie 55eaa73
632cac5 
* Thu Dec 22 2005 Jesse Keating <jkeating@redhat.com> - 3.0-0.20051206.fc5.2
632cac5 
- rebuilt
632cac5
2d00114 
* Tue Dec  6 2005 Juan Quintela <quintela@trasno.org> - 3.0-0.20051206.fc5.1
2d00114 
- 20051206 version (should be 3.0.0).
2d00114 
- Remove xen-bootloader fixes (integrated upstream).
2d00114
04ef369 
* Wed Nov 30 2005 Daniel Veillard <veillard@redhat.com> - 3.0-0.20051109.fc5.4
04ef369 
- adding missing headers for libxenctrl and libxenstore
3098b9d 
- use libX11-devel build require instead of xorg-x11-devel
04ef369
83e214b 
* Mon Nov 14 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051109.fc5.3
83e214b 
- change default dom0 min-mem to 256M so that dom0 will try to balloon down
83e214b
e55e65e 
* Sat Nov 12 2005 Jeremy Katz <katzj@redhat.com>
e55e65e 
- buildrequire ncurses-devel (reported by Justin Dearing)
e55e65e
76c40e4 
* Thu Nov 10 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051109.fc5.2
76c40e4 
- actually enable the initscripts
76c40e4
433141b 
* Wed Nov  9 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051109.fc5.1
433141b 
- udev rules moved
433141b
5271b3e 
* Wed Nov  9 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051109.fc5
5271b3e 
- update to current -unstable
5271b3e 
- add patches to fix pygrub
5271b3e
10429ca 
* Wed Nov  9 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051108.fc5
10429ca 
- update to current -unstable
10429ca
c27ea5c 
* Fri Oct 21 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20051021.fc5
c27ea5c 
- update to current -unstable
c27ea5c
f8272d2 
* Thu Sep 15 2005 Jeremy Katz <katzj@redhat.com> - 3.0-0.20050912.fc5.1
f8272d2 
- doesn't require twisted anymore
f8272d2
riel 9bc5a34 
* Mon Sep 12 2005 Rik van Riel <riel@redhat.com> 3.0-0.20050912.fc5
riel 9bc5a34 
- add /var/{lib,run}/xenstored to the %files section (#167496, #167121)
riel 9bc5a34 
- upgrade to today's Xen snapshot
riel 9bc5a34 
- some small build fixes for x86_64
riel 9bc5a34 
- enable x86_64 builds
riel 9bc5a34
riel 399577f 
* Thu Sep  8 2005 Rik van Riel <riel@redhat.com> 3.0-0.20050908
riel 399577f 
- explicitly call /usr/sbin/xend from initscript (#167407)
riel 399577f 
- add xenstored directories to spec file (#167496, #167121)
riel 399577f 
- misc gcc4 fixes
riel 399577f 
- spec file cleanups (#161191)
riel 399577f 
- upgrade to today's Xen snapshot
riel 399577f 
- change the version to 3.0-0.<date> (real 3.0 release will be 3.0-1)
riel 399577f
9e2a611 
* Tue Aug 23 2005 Rik van Riel <riel@redhat.com> 2-20050823
riel c78ce7f 
- upgrade to today's Xen snapshot
riel c78ce7f
riel c78ce7f 
* Mon Aug 15 2005 Rik van Riel <riel@redhat.com> 2-20050726
riel c78ce7f 
- upgrade to a known-working newer Xen, now that execshield works again
riel c78ce7f
riel 04cfbc6 
* Mon May 30 2005 Rik van Riel <riel@redhat.com> 2-20050530
riel 04cfbc6 
- create /var/lib/xen/xen-db/migrate directory so "xm save" works (#158895)
riel 04cfbc6
riel 494869e 
* Mon May 23 2005 Rik van Riel <riel@redhat.com> 2-20050522
riel 494869e 
- change default display method for VMX domains to SDL
riel 494869e
riel f45bf28 
* Fri May 20 2005 Rik van Riel <riel@redhat.com> 2-20050520
riel f45bf28 
- qemu device model for VMX
riel f45bf28
riel e7957c7 
* Thu May 19 2005 Rik van Riel <riel@redhat.com> 2-20050519
riel e7957c7 
- apply some VMX related bugfixes
riel e7957c7
riel 5081557 
* Mon Apr 25 2005 Rik van Riel <riel@redhat.com> 2-20050424
riel 5081557 
- upgrade to last night's snapshot
riel 5081557
35aabcb 
* Fri Apr 15 2005 Jeremy Katz <katzj@redhat.com>
35aabcb 
- patch manpath instead of moving in specfile.  patch sent upstream
35aabcb 
- install to native python path instead of /usr/lib/python
35aabcb 
- other misc specfile duplication cleanup
35aabcb
riel 6d70db1 
* Sun Apr  3 2005 Rik van Riel <riel@redhat.com> 2-20050403
riel 6d70db1 
- fix context switch between vcpus in same domain, vcpus > cpus works again
riel 6d70db1
riel 21a2f91 
* Sat Apr  2 2005 Rik van Riel <riel@redhat.com> 2-20050402
riel f2021d8 
- move initscripts to /etc/rc.d/init.d (Florian La Roche) (#153188)
riel 21a2f91 
- ship only PDF documentation, not the PS or tex duplicates
riel f2021d8
riel a79506f 
* Thu Mar 31 2005 Rik van Riel <riel@redhat.com> 2-20050331
riel a79506f 
- upgrade to new xen hypervisor
riel a79506f 
- minor gcc4 compile fix
riel a79506f
riel 1e62129 
* Mon Mar 28 2005 Rik van Riel <riel@redhat.com> 2-20050328
riel 1e62129 
- do not yet upgrade to new hypervisor ;)
riel 1e62129 
- add barrier to fix SMP boot bug
riel 1e62129 
- add tags target
riel 1e62129 
- add zlib-devel build requires (#150952)
riel 1e62129
riel 53d36eb 
* Wed Mar  9 2005 Rik van Riel <riel@redhat.com> 2-20050308
riel 53d36eb 
- upgrade to last night's snapshot
riel 53d36eb 
- new compile fix patch
riel 53d36eb
riel 53d36eb 
* Sun Mar  6 2005 Rik van Riel <riel@redhat.com> 2-20050305
riel 53d36eb 
- the gcc4 compile patches are now upstream
riel 53d36eb 
- upgrade to last night's snapshot, drop patches locally
riel 53d36eb
riel 3ad7420 
* Fri Mar  4 2005 Rik van Riel <riel@redhat.com> 2-20050303
riel 3ad7420 
- finally got everything to compile with gcc4 -Wall -Werror
riel 3ad7420
riel 0197a65 
* Thu Mar  3 2005 Rik van Riel <riel@redhat.com> 2-20050303
riel 0197a65 
- upgrade to last night's Xen-unstable snapshot
riel 0197a65 
- drop printf warnings patch, which is upstream now
riel 0197a65
riel 157fedf 
* Wed Feb 23 2005 Rik van Riel <riel@redhat.com> 2-20050222
riel 157fedf 
- upgraded to last night's Xen snapshot
riel 157fedf 
- compile warning fixes are now upstream, drop patch
riel 157fedf
riel dcda968 
* Sat Feb 19 2005 Rik van Riel <riel@redhat.com> 2-20050219
riel dcda968 
- fix more compile warnings
riel dcda968 
- fix the fwrite return check
riel dcda968
riel 4308e6b 
* Fri Feb 18 2005 Rik van Riel <riel@redhat.com> 2-20050218
riel 4308e6b 
- upgrade to last night's Xen snapshot
riel 4308e6b 
- a kernel upgrade is needed to run this Xen, the hypervisor
riel 4308e6b 
  interface changed slightly
riel 86cde2c 
- comment out unused debugging function in plan9 domain builder
riel 86cde2c 
  that was giving compile errors with -Werror
riel 4308e6b
riel 7c7101e 
* Tue Feb  8 2005 Rik van Riel <riel@redhat.com> 2-20050207
riel 7c7101e 
- upgrade to last night's Xen snapshot
riel 7c7101e
riel 5da0d0b 
* Tue Feb  1 2005 Rik van Riel <riel@redhat.com> 2-20050201.1
riel 5da0d0b 
- move everything to /var/lib/xen
riel 5da0d0b
riel 8cdabee 
* Tue Feb  1 2005 Rik van Riel <riel@redhat.com> 2-20050201
riel 8cdabee 
- upgrade to new upstream Xen snapshot
riel 8cdabee
2896a1b 
* Tue Jan 25 2005 Jeremy Katz <katzj@redhat.com>
2896a1b 
- add buildreqs on python-devel and xorg-x11-devel (strange AT nsk.no-ip.org)
2896a1b
riel cd28514 
* Mon Jan 24 2005 Rik van Riel <riel@redhat.com> - 2-20050124
riel cd28514 
- fix /etc/xen/scripts/network to not break with ipv6 (also sent upstream)
riel cd28514
bc8a8c4 
* Fri Jan 14 2005 Jeremy Katz <katzj@redhat.com> - 2-20050114
bc8a8c4 
- update to new snap
bc8a8c4 
- python-twisted is its own package now
ce6c3d2 
- files are in /usr/lib/python now as well, ugh.
bc8a8c4
riel cd84695 
* Tue Jan 11 2005 Rik van Riel <riel@redhat.com>
riel cd84695 
- add segment fixup patch from xen tree
riel cd84695 
- fix %files list for python-twisted
riel cd84695
riel cd84695 
* Mon Jan 10 2005 Rik van Riel <riel@redhat.com>
riel 31e8bc0 
- grab newer snapshot, that does start up
riel 31e8bc0 
- add /var/xen/xend-db/{domain,vnet} to %files section
riel 31e8bc0
riel 2399a2e 
* Thu Jan  6 2005 Rik van Riel <riel@redhat.com>
riel 2399a2e 
- upgrade to new snapshot of xen-unstable
riel 2399a2e
riel 6c70f7b 
* Mon Dec 13 2004 Rik van Riel <riel@redhat.com>
riel 6c70f7b 
- build python-twisted as a subpackage
riel 6c70f7b 
- update to latest upstream Xen snapshot
riel 6c70f7b
riel f62f1e3 
* Sun Dec  5 2004 Rik van Riel <riel@redhat.com>
riel bf95569 
- grab new Xen tarball (with wednesday's patch already included)
riel f62f1e3 
- transfig is a buildrequire, add it to the spec file
riel bf95569
riel bf95569 
* Wed Dec  1 2004 Rik van Riel <riel@redhat.com>
riel bf95569 
- fix up Che's spec file a little bit
riel bf95569 
- create patch to build just Xen, not the kernels
riel bf95569
riel bf95569 
* Wed Dec 01 2004 Che
riel bf95569 
- initial rpm release
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.