Linux repositories inspector

xen-utils-4.8 - XEN administrative tools

The userspace tools to manage a system virtualized through the XEN virtual machine monitor.
qemu-utils and seabios are neded for "Xen HVM" (amd64 and i386)
4.8.5
Debian iconDebian 9.0
DistributionVersionSincePackageInstalledPackager
Debian iconDebian 9.0 stretch/maindeb4.8.5+shim4.10.2+xsa282-1+deb9u11Feb 16414 kiB1.66 MiB

Latest updates

Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.5+shim4.10.2+xsa282-1+deb9u11 removed

Feb 16
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10 to 4.8.5+shim4.10.2+xsa282-1+deb9u11

Feb 16
  • Update to new upstream versions:
    • Main tree updated to Xen 4.8.5
    • Shim updated to current upstream stable-4.10 branch, to avoid errors trying to cherry-pick security patches.
  • This includes fixes to:

    XSA-282 CVE-2018-19967 Xen 4.8 and 4.10 shim
    XSA-280 CVE-2018-19966 Xen 4.8 and 4.10 shim
    XSA-279 CVE-2018-19965 Xen 4.8 and 4.10 shim
    XSA-275 CVE-2018-19961 CVE-2018-19962 Xen 4.8 and 4.10 shim
    XSA-278 CVE-2018-18883 Xen 4.10 shim only

  • For completeness, the following fixes are not applicable:

    XSA-274 CVE-2018-14678 Bug is in Linux
    XSA-270 CVE-2018-15471 Bug is in Linux
    XSA-271 CVE-2018-14007 Bug is in XAPI (not in Debian)
    XSA-277 CVE-2018-19964 Bug not in either 4.8 or 4.10
    XSA-276 CVE-2018-19963 Bug not in either 4.8 or 4.10

  • Added CVEs to previous changelog entries:
    1. 8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
    2. 8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.5+shim4.10.2+xsa282-1+deb9u11 introduced

Jan 29
  • Update to new upstream versions:
    • Main tree updated to Xen 4.8.5
    • Shim updated to current upstream stable-4.10 branch, to avoid errors trying to cherry-pick security patches.
  • This includes fixes to:

    XSA-282 CVE-2018-19967 Xen 4.8 and 4.10 shim
    XSA-280 CVE-2018-19966 Xen 4.8 and 4.10 shim
    XSA-279 CVE-2018-19965 Xen 4.8 and 4.10 shim
    XSA-275 CVE-2018-19961 CVE-2018-19962 Xen 4.8 and 4.10 shim
    XSA-278 CVE-2018-18883 Xen 4.10 shim only

  • For completeness, the following fixes are not applicable:

    XSA-274 CVE-2018-14678 Bug is in Linux
    XSA-270 CVE-2018-15471 Bug is in Linux
    XSA-271 CVE-2018-14007 Bug is in XAPI (not in Debian)
    XSA-277 CVE-2018-19964 Bug not in either 4.8 or 4.10
    XSA-276 CVE-2018-19963 Bug not in either 4.8 or 4.10

  • Added CVEs to previous changelog entries:
    1. 8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
    2. 8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
Debian 10.0 icon

Debian 10.0 buster/main: Version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 removed

Jan 12
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7 removed

Jan 12
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 to 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10

Jan 12
  • Update to new upstream version 4.8.4+xsa273+shim4.10.1+xsa273.

    XSA-273 (CVE-2018-3620,CVE-2018-3646)
    XSA-272 (no CVE yet)
    XSA-269 (no CVE yet)
    XSA-268 (no CVE yet)

    This version is, again, a combination of staging-4.8 and staging-4.10
    for Xen and shim respectively as in previous versions.

Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7 introduced

2018-06-19
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.8.2+xsa245-0+deb9u1 to 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5

2018-03-14
  • Security fixes from upstream XSAs:

    XSA-252 CVE-2018-7540
    XSA-255 CVE-2018-7541
    XSA-256 CVE-2018-7542

    The upstream BTI changes from XSA-254 (Spectre v2 mitigation) are *not* included. They are currently failing in upstream CI.
  • init scripts: Do not kill per-domain qemu processes. Closes:#879751.
  • Install Meltdown READMEs on all architectures. Closes:#890488.
  • Ship xen-diag (by cherry-picking the appropriate commits from upstream). This can help with diagnosis of #880554.
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 removed

2018-03-14
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.8.2+xsa245-0+deb9u1 to 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5

2018-03-14
  • Security fixes from upstream XSAs:

    XSA-252 CVE-2018-7540
    XSA-255 CVE-2018-7541
    XSA-256 CVE-2018-7542

    The upstream BTI changes from XSA-254 (Spectre v2 mitigation) are *not* included. They are currently failing in upstream CI.
  • init scripts: Do not kill per-domain qemu processes. Closes:#879751.
  • Install Meltdown READMEs on all architectures. Closes:#890488.
  • Ship xen-diag (by cherry-picking the appropriate commits from upstream). This can help with diagnosis of #880554.
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Updated from 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1 to 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5

2018-03-07
  • Security fixes from upstream XSAs:

    XSA-252 CVE-2018-7540
    XSA-255 CVE-2018-7541
    XSA-256 CVE-2018-7542

    The upstream BTI changes from XSA-254 (Spectre v2 mitigation) are *not* included. They are currently failing in upstream CI.
  • init scripts: Do not kill per-domain qemu processes. Closes:#879751.
  • Install Meltdown READMEs on all architectures. Closes:#890488.
  • Ship xen-diag (by cherry-picking the appropriate commits from upstream). This can help with diagnosis of #880554.
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1 introduced

2018-02-26
  • Fix builds on other than amd64.
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.8.1-1+deb9u3 to 4.8.2+xsa245-0+deb9u1

2017-12-10
  • Update to upstream stable 4.8 branch, which is currently at Xen 4.8.2 plus a number of bugfixes and security fixes.
    Result is that we now include security fixes for:

    XSA-231 CVE-2017-14316
    XSA-232 CVE-2017-14318
    XSA-233 CVE-2017-14317
    XSA-234 CVE-2017-14319
    (235 already included in 4.8.1-1+deb9u3)
    XSA-236 CVE-2017-15597
    XSA-237 CVE-2017-15590
    XSA-238 (no CVE yet)
    XSA-239 CVE-2017-15589
    XSA-240 CVE-2017-15595
    XSA-241 CVE-2017-15588
    XSA-242 CVE-2017-15593
    XSA-243 CVE-2017-15592
    XSA-244 CVE-2017-15594
    XSA-245 (no CVE yet)

    and a number of upstream functionality fixes, which are not easily disentangled from the security fixes.
  • Apply two more security fixes:

    XSA-246 (no CVE yet)
    XSA-247 (no CVE yet)

Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.2+xsa245-0+deb9u1 removed

2017-12-09
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.8.1-1+deb9u3 to 4.8.2+xsa245-0+deb9u1

2017-12-09
  • Update to upstream stable 4.8 branch, which is currently at Xen 4.8.2 plus a number of bugfixes and security fixes.
    Result is that we now include security fixes for:

    XSA-231 CVE-2017-14316
    XSA-232 CVE-2017-14318
    XSA-233 CVE-2017-14317
    XSA-234 CVE-2017-14319
    (235 already included in 4.8.1-1+deb9u3)
    XSA-236 CVE-2017-15597
    XSA-237 CVE-2017-15590
    XSA-238 (no CVE yet)
    XSA-239 CVE-2017-15589
    XSA-240 CVE-2017-15595
    XSA-241 CVE-2017-15588
    XSA-242 CVE-2017-15593
    XSA-243 CVE-2017-15592
    XSA-244 CVE-2017-15594
    XSA-245 (no CVE yet)

    and a number of upstream functionality fixes, which are not easily disentangled from the security fixes.
  • Apply two more security fixes:

    XSA-246 (no CVE yet)
    XSA-247 (no CVE yet)

Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.8.2+xsa245-0+deb9u1 introduced

2017-11-29
  • Update to upstream stable 4.8 branch, which is currently at Xen 4.8.2 plus a number of bugfixes and security fixes.
    Result is that we now include security fixes for:

    XSA-231 CVE-2017-14316
    XSA-232 CVE-2017-14318
    XSA-233 CVE-2017-14317
    XSA-234 CVE-2017-14319
    (235 already included in 4.8.1-1+deb9u3)
    XSA-236 CVE-2017-15597
    XSA-237 CVE-2017-15590
    XSA-238 (no CVE yet)
    XSA-239 CVE-2017-15589
    XSA-240 CVE-2017-15595
    XSA-241 CVE-2017-15588
    XSA-242 CVE-2017-15593
    XSA-243 CVE-2017-15592
    XSA-244 CVE-2017-15594
    XSA-245 (no CVE yet)

    and a number of upstream functionality fixes, which are not easily disentangled from the security fixes.
  • Apply two more security fixes:

    XSA-246 (no CVE yet)
    XSA-247 (no CVE yet)

Debian 10.0 icon

Debian 10.0 buster/main: Version 4.8.1-1+deb9u3 introduced

2017-11-10
  • Security fixes for

    XSA-226 CVE-2017-12135
    XSA-227 CVE-2017-12137
    XSA-228 CVE-2017-12136
    XSA-230 CVE-2017-12855
    XSA-235 (no CVE yet)

  • Adjust changelog entry for 4.8.1-1+deb9u2 to record
    that XSA-225 fix was indeed included.
  • Security fix for XSA-229 not included as that bug is in Linux, not Xen.
  • Security fixes for XSA-231..234 inc. not inclued as still embargoed.
Debian 9.0 icon

Debian 9.0 stretch/main: Version 4.8.1-1+deb9u3 introduced

2017-11-10
  • Security fixes for

    XSA-226 CVE-2017-12135
    XSA-227 CVE-2017-12137
    XSA-228 CVE-2017-12136
    XSA-230 CVE-2017-12855
    XSA-235 (no CVE yet)

  • Adjust changelog entry for 4.8.1-1+deb9u2 to record
    that XSA-225 fix was indeed included.
  • Security fix for XSA-229 not included as that bug is in Linux, not Xen.
  • Security fixes for XSA-231..234 inc. not inclued as still embargoed.

Related packages

xen - Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
⇧ Top