Just finishing off the final touches to my Xen RPMs for version 4.1.3. Changes from the Xen release notes include:
Xen.org is pleased to announce the release of Xen 4.0.4 and 4.1.3. These fix the following critical vulnerabilities: * CVE-2012-0217 / XSA-7: PV guest privilege escalation vulnerability * CVE-2012-0218 / XSA-8: guest denial of service on syscall/sysenter exception generation * CVE-2012-2934 / XSA-9: PV guest host Denial of Service * CVE-2012-3432 / XSA-10: HVM guest user mode MMIO emulation DoS vulnerability * CVE-2012-3433 / XSA-11: HVM guest destroy p2m teardown host DoS vulnerabilityNOTE: My previous 4.1.2 packages were already fixed for XSA-7, XSA-8, and XSA-9.
We recommend all users of the 4.0 and 4.1 stable series to update to these latest point releases.
Among many bug fixes and improvements (over 100 since Xen 4.1.2): * Updates for the latest Intel/AMD CPU revisions * Bug fixes and improvements to the libxl tool stack * Bug fixes for IOMMU handling (device passthrough to HVM guests) * Bug fixes for host kexec/kdump
The new packages can be installed via yum - or if you're a first time installer, you should follow the guide.