We are pleased to announce the release of Xen 4.6.6. This is available immediately from its git repository
https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.6 (tag RELEASE-4.6.6) or from this download page
This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

• d708b695a3: update Xen version to 4.6.6 [Jan Beulich]
• f7ad92a74f: memory: don’t suppress P2M update in populate_physmap() [Jan Beulich]
• 4efd74db51: xen/arm: vgic: Sanitize target mask used to send SGI [Julien Grall]
• ac3a1ba5a5: gnttab: __gnttab_unmap_common_complete() is all-or-nothing [Jan Beulich]
• 0ce04603c7: gnttab: correct logic to get page references during map requests [George Dunlap]
• af6c8e9227: gnttab: never create host mapping unless asked to [Jan Beulich]
• 3a3aa4f136: gnttab: fix handling of dev_bus_addr during unmap [George Dunlap]
• 9dd5de08d2: arm: vgic: Don’t update the LR when the IRQ is not enabled [Julien Grall]
• 398b60f171: guest_physmap_remove_page() needs its return value checked [Jan Beulich]
• d23eb82c8a: memory: fix return value handing of guest_remove_page() [Andrew Cooper]
• d7a42bb64a: evtchn: avoid NULL derefs [Jan Beulich]
• 86f4ece7c6: x86: avoid leaking BND* between vCPU-s [Jan Beulich]
• 4d13019cb0: x86/shadow: hold references for the duration of emulated writes [Andrew Cooper]
• 87e0e5d577: gnttab: correct maptrack table accesses [Jan Beulich]
• 819044abe4: gnttab: Avoid potential double-put of maptrack entry [George Dunlap]
• 8083370aef: gnttab: fix unmap pin accounting race [Jan Beulich]
• a6f0e7cce5: IOMMU: handle IOMMU mapping and unmapping failures [Quan Xu]
• c921a02fda: x86/mm: disallow page stealing from HVM domains [Jan Beulich]
• 2893fce1b7: arm: remove irq from inflight, then change physical affinity [Stefano Stabellini]
• 16cfd7d754: xen/arm: Survive unknown traps from guests [Julien Grall]
• 8ea4c4766a: xen/arm: do_trap_hypervisor: Separate hypervisor and guest traps [Julien Grall]
• d459aa6c85: xen/arm: Save ESR_EL2 to avoid using mismatched value in syndrome check [Wei Chen]
• 9e469a5f8e: xen/arm: flush icache as well when XEN_DOMCTL_cacheflush is issued [Stefano Stabellini]
• 7c5a9573af: xen/arm32: Add an helper to invalidate all instruction caches [Konrad Rzeszutek Wilk]
• 59c54aa744: xen/arm64: Add an helper to invalidate all instruction caches [Julien Grall]
• 314915cb4a: stop_machine: fill fn_result only in case of error [Gregory Herrero]
• 866b2b274d: arm: fix build with gcc 7 [Jan Beulich]
• 7a46badcf4: x86: fix build with gcc 7 [Jan Beulich]
• 38e8ab9e1c: x86/mm: fix incorrect unmapping of 2MB and 1GB pages [Igor Druzhinin]
• 13e84e665d: x86/pv: Align %rsp before pushing the failsafe stack frame [Andrew Cooper]
• ff3f674fa2: x86/pv: Fix bugs with the handling of int80_bounce [Andrew Cooper]
• 267bf9f3ae: x86/vpmu_intel: fix hypervisor crash by masking PC bit in MSR_P6_EVNTSEL [Mohit Gambhir]
• 6fe723ef8c: hvm: fix hypervisor crash in hvm_save_one() [Jan Beulich]
• d48df03309: x86/32on64: properly honor add-to-physmap-batch’s size [Jan Beulich]
• 7496924db2: tools/libxc: Tolerate specific zero-content records in migration v2 streams [Andrew Cooper]
• 24f5900a08: libxc: fix segfault on uninitialized xch->fmem [Seraphime Kirkovski]
• 4f29090966: x86/mce: always re-initialize ‘severity_cpu’ in mcheck_cmn_handler() [Haozhong Zhang]
• 2b0bb908f7: x86/mce: make ‘severity_cpu’ private to its users [Haozhong Zhang]
• c4c37506fa: memory: don’t hand MFN info to translated guests [Jan Beulich]
• 7622465448: memory: exit early from memory_exchange() upon write-back error [Jan Beulich]
• 68fa691190: kexec: clear kexec_image slot when unloading kexec image [Bhavesh Davda]
• eb9a3bfd87: x86: correct create_bounce_frame [Jan Beulich]
• dcef165527: x86: discard type information when stealing pages [Jan Beulich]
• fc7839698c: multicall: deal with early exit conditions [Jan Beulich]
• cf35a354ef: setup vwfi correctly on cpu0 [Stefano Stabellini]
• 97462479d2: oxenstored: trim history in the frequent_ops function [Thomas Sanders]
• f0f3d439b1: oxenstored transaction conflicts: improve logging [Thomas Sanders]
• d9c4094f97: oxenstored: don’t wake to issue no conflict-credit [Thomas Sanders]
• 66cb2ebf92: oxenstored: do not commit read-only transactions [Thomas Sanders]
• 3d1affc787: oxenstored: allow self-conflicts [Thomas Sanders]
• 4eff891f1b: oxenstored: blame the connection that caused a transaction conflict [Jonathan Davies]
• 05ccb713b2: oxenstored: track commit history [Jonathan Davies]
• 1eebd16fd5: oxenstored: discard old commit-history on txn end [Thomas Sanders]
• f4d16c9b70: oxenstored: only record operations with side-effects in history [Jonathan Davies]
• 9050a970c8: oxenstored: support commit history tracking [Jonathan Davies]
• 5c609c8780: oxenstored: add transaction info relevant to history-tracking [Jonathan Davies]
• 4d69c19cf6: oxenstored: ignore domains with no conflict-credit [Thomas Sanders]
• ab889fb948: oxenstored: handling of domain conflict-credit [Thomas Sanders]
• 307357318a: oxenstored: comments explaining some variables [Thomas Sanders]
• bf22c39e4b: oxenstored: allow compilation prior to OCaml 3.12.0 [Jonathan Davies]
• 898b7c4977: oxenstored: log request and response during transaction replay [Jonathan Davies]
• 159a61072d: oxenstored: replay transaction upon conflict [Jonathan Davies]
• 39726290e9: oxenstored: move functions that process simple operations [Jonathan Davies]
• ebb5a34e85: oxenstored: keep track of each transaction’s operations [Jonathan Davies]
• a991af7901: oxenstored: refactor request processing [Jonathan Davies]
• 06222e5b48: oxenstored: remove some unused parameters [Jonathan Davies]
• a57a99ae0f: oxenstored: refactor putting response on wire [Jonathan Davies]
• 400063dcdf: xenstored: Log when the write transaction rate limit bites [Ian Jackson]
• f6d08885c3: xenstored: apply a write transaction rate limit [Ian Jackson]
• bb92bb77bc: x86: use 64 bit mask when masking away mfn bits [Juergen Gross]
• ef63a62b3a: memory: properly check guest memory ranges in XENMEM_exchange handling [Jan Beulich]
• f96efeb0c6: Revert “xen: sched: don’t call hooks of the wrong scheduler via VCPU2OP” [Jan Beulich]
• 7ff6d9fc19: xen: sched: don’t call hooks of the wrong scheduler via VCPU2OP [Dario Faggioli]
• 7017321d9b: x86/EFI: avoid Xen image when looking for module/kexec position [Jan Beulich]
• 541ad61a92: x86/EFI: avoid overrunning mb_modules[] [Jan Beulich]
• 4f9617120b: build/clang: fix XSM dummy policy when using clang 4.0 [Roger Pau Monné]
• 9eb0aa2f47: x86: drop unneeded __packed attributes [Roger Pau Monné]
• ac4c5d4ddf: QEMU_TAG update [Ian Jackson]
• 18949dc6e1: x86/emul: Correct the decoding of mov to/from cr/dr [Andrew Cooper]
• eea0742f3b: xen: credit2: don’t miss accounting while doing a credit reset. [Dario Faggioli]
• 90ae9a76e3: xen: credit2: always mark a tickled pCPU as… tickled! [Dario Faggioli]
• ef5eb08944: x86/vmx: Don’t leak host syscall MSR state into HVM guests [Andrew Cooper]
• 48c3bd0e28: update Xen version to 4.6.6-pre [Jan Beulich]
• b0577dd0c6: xen/arm: fix affected memory range by dcache clean functions [Stefano Stabellini]
• 82fde4fa36: xen/arm: introduce vwfi parameter [Stefano Stabellini]</li?

In addition, this release also contains the following fixes to qemu-traditional:

• 57ca3f4a: cirrus/vnc: zap drop bitblit support from console code. [Gerd Hoffmann]

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.6.5 and qemu-xen-4.6.6).
This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes.

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.
We recommend all users of the 4.6 stable series to update to this latest point release.