<p>Xen 4.2.1 is a maintenance release in the 4.2 series and contains:</p>
<ul>
- <li>TODO: add items here</li>
+ <li>The release fixes the following critical vulnerabilities:</li>
+ <ul>
+ <li>CVE-2012-4535 / XSA-20: Timer overflow DoS vulnerability</li>
+ <li>CVE-2012-4537 / XSA-22: Memory mapping failure DoS vulnerability</li>
+ <li>CVE-2012-4538 / XSA-23: Unhooking empty PAE entries DoS vulnerability</li>
+ <li>CVE-2012-4539 / XSA-24: Grant table hypercall infinite loop DoS vulnerability</li>
+ <li>CVE-2012-4544, CVE-2012-2625 / XSA-25: Xen domain builder Out-of-memory due to malicious kernel/ramdisk</li>
+ <li>CVE-2012-5510 / XSA-26: Grant table version switch list corruption vulnerability</li>
+ <li>CVE-2012-5511 / XSA-27: Several HVM operations do not validate the range of their inputs</li>
+ <li>CVE-2012-5513 / XSA-29: XENMEM_exchange may overwrite hypervisor memory</li>
+ <li>CVE-2012-5514 / XSA-30: Broken error handling in guest_physmap_mark_populate_on_demand()</li>
+ <li>CVE-2012-5515 / XSA-31: Several memory hypercall operations allow invalid extent order values</li>
+ <li>CVE-2012-5525 / XSA-32: several hypercalls do not validate input GFNs</li>
+ </ul>
+ <li>Among many bug fixes and improvements (around 100 since Xen 4.2.0):</li>
+ <ul>
+ <li>A fix for a long standing time management issue</li>
+ <li>Bug fixes for S3 (suspend to RAM) handling</li>
+ <li>Bug fixes for other low level system state handling</li>
+ <li>Bug fixes and improvements to the libxl tool stack</li>
+ <li>Bug fixes to nested virtualization</li>
+ </ul>
</ul>
- <p> The Xen 4.2 release contains a number of important new features and updates including:</p>
-
- <p>The release incorporates many new features and improvements to existing features. There are improvements
+ <p>The Xen 4.2 release incorporates many new features and improvements to existing features. There are improvements
across the board including to Security, Scalability, Performance and Documentation.<ul>
<li><strong>XL is now the default toolstack</strong>: Significant effort has gone in to the XL
<h2>Xen Hypervisor 4.2 Acknowledgements</h2>
<p>Contributions were made to this release by 124 individuals from 43 organizations, not counting contributions
to external projects such as the BSDs, Linux or qemu. Many thanks to everyone who contributed to this release, either
- through code, testing, documentation or in any other way. </p>
-
- <pp>The diagram below shows organisations which contributed more than 1% in lines of code to the Xen 4.2 release.
- Several items in the diagram discribe groups of people or organisations: <em>Individual</em> covers contributions
- by individuals whose affiliation is unknown, <em>Misc</em> covers contributions by commercial organisations which
- did not go above 1% individually and <em>University</em> covers contributions by Universities which did not go above
- 1% individually.</p>
- <img src="/images/xen/Xen_4_2_Contribution_Stats.png">
-
- <p>For a complete breakdown of community contributions, see <a href="http://wiki.xen.org/wiki/Xen_4.2_Acknowledgments">Xen 4.2 Acknowledgements</a>.</p>
+ through code, testing, documentation or in any other way. For a complete breakdown of community contributions,
+ see <a href="http://wiki.xen.org/wiki/Xen_4.2_Acknowledgments">Xen 4.2 Acknowledgements</a>.</p>
</table>
projects / people / larsk / xenproject-org-websites.git / commitdiff