We are pleased to announce the release of Xen 4.11.4. This is available immediately from its git repository 

https://xenbits.xenproject.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.11 (tag RELEASE-4.11.4) or from this download page

This release contains the following bug-fixes and improvements in the Xen Project hypervisor:

• 96a8b5bc48: update Xen version to 4.11.4 [Jan Beulich]
• d353f82b2e: gnttab: fix GNTTABOP_copy continuation handling [Jan Beulich]
• 52da38987a: xen/gnttab: Fix error path in map_grant_ref() [Ross Lagerwall]
• d430e15e02: xen/rwlock: Add missing memory barrier in the unlock path of rwlock [Julien Grall]
• 7900cb7c18: xenoprof: limit consumption of shared buffer data [Jan Beulich]
• 06a5a277c7: xenoprof: clear buffer intended to be shared with guests [Jan Beulich]
• affb032b9b: credit2: fix credit reset happening too few times [Dario Faggioli]
• 5adb81ae7b: credit2: avoid vCPUs to ever reach lower credits than idle [Dario Faggioli]
• 4b4ec47973: x86/ucode/amd: Fix more potential buffer overruns with microcode parsing [Andrew Cooper]
• 8f51dad75b: x86/HVM: fix AMD ECS handling for Fam10 [Jan Beulich]
• 09508fda40: x86/ucode/amd: Fix potential buffer overrun with equiv table handling [Andrew Cooper]
• ac3b39ce83: x86/ucode: Fix error paths in apply_microcode() [Andrew Cooper]
• 480d9b4784: x86/shim: fix ballooning up the guest [Igor Druzhinin]
• dfcd120e81: x86/vPMU: don’t blindly assume IA32_PERF_CAPABILITIES MSR exists [Jan Beulich]
• 696d142276: AMD/IOMMU: fix off-by-one in amd_iommu_get_paging_mode() callers [Jan Beulich]
• 6bc54c0696: x86/msr: Virtualise MSR_PLATFORM_ID properly [Andrew Cooper]
• f9e2a60b39: VT-d: check all of an RMRR for being E820-reserved [Jan Beulich]
• 98cf186a3e: x86/time: report correct frequency of Xen PV clocksource [Igor Druzhinin]
• a12c52d18c: x86/shim: suspend and resume platform time correctly [Igor Druzhinin]
• 21fc266776: x86/smp: reset x2apic_enabled in smp_send_stop() [David Woodhouse]
• 722458767a: xen/pvh: Fix segment selector ABI [Andrew Cooper]
• 2ffed5c92f: xmalloc: guard against integer overflow [Jan Beulich]
• 8348cc77e6: EFI: don’t leak heap contents through XEN_EFI_get_next_variable_name [Jan Beulich]
• a4f502e030: EFI: re-check {get,set}-variable name strings after copying in [Jan Beulich]
• 5abd261189: xen/x86: domctl: Don’t leak data via XEN_DOMCTL_gethvmcontext [Julien Grall]
• b187c14ada: x86/suspend: disable watchdog before calling console_start_sync() [Igor Druzhinin]
• 8fa29762bc: x86/apic: fix disabling LVT0 in disconnect_bsp_APIC [Roger Pau Monné]
• 9e48fafe4d: VT-d: don’t pass bridge devices to domain_context_mapping_one() [Jan Beulich]
• 888a7da8c9: x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD [Igor Druzhinin]
• 06adda76b6: x86/time: update TSC stamp on restore from deep C-state [Igor Druzhinin]
• 346eae8ed9: IRQ: u16 is too narrow for an event channel number [Jan Beulich]
• 0e126ccb0c: x86: clear per cpu stub page information in cpu_smpboot_free() [Juergen Gross]
• ddffc4d8a0: xen/arm: Place a speculation barrier sequence following an eret instruction [Julien Grall]
• 14b62ab3e5: lz4: fix system halt at boot kernel on x86_64 [Krzysztof Kolasa]
• 6561994b87: lz4: refine commit 9143a6c55ef7 for the 64-bit case [Jan Beulich]
• f562c6bb93: x86/tlbflush: do not toggle the PGE CR4 bit unless necessary [Roger Pau Monné]
• d35cbee6e1: x86: avoid HPET use on certain Intel platforms [Jan Beulich]
• 85e047d388: gnttab: make sure grant map operations don’t skip their IOMMU part [Jan Beulich]
• d9dd8639e0: x86/psr: fix bug which may cause crash [Yi Sun]
• 0e5be46076: x86 / iommu: set up a scratch page in the quarantine domain [Paul Durrant]
• 146d5bde67: xen/x86: vpmu: Unmap per-vCPU PMU page when the domain is destroyed [Julien Grall]
• 81bd09fc7c: x86/svm: Write the correct %eip into the outgoing task [Andrew Cooper]
• b9527ec8f3: x86/svm: Always intercept ICEBP [Andrew Cooper]
• d6272494bd: x86/vtx: Fix fault semantics for early task switch failures [Andrew Cooper]
• d397a5a31a: x86/vmx: always sync PIR to IRR before vmentry [Roger Pau Monné]
• 6a4006708f: x86/domctl: have XEN_DOMCTL_getpageframeinfo3 preemptible [Anthony PERARD]
• a700446b70: x86/tss: Fix clang build following c/s 7888440625 [Andrew Cooper]
• 0d91d9decb: x86: Don’t increase ApicIdCoreSize past 7 [George Dunlap]
• 005c9b8bb5: AMD/IOMMU: Cease using a dynamic height for the IOMMU pagetables [Andrew Cooper]
• 1432cd5320: x86/mm: relinquish_memory: Grab an extra type ref when setting PGT_partial [George Dunlap]
• 608be81790: x86/mm: alloc/free_lN_table: Retain partial_flags on -EINTR [George Dunlap]
• d81c7114a4: x86/mm: Set old_guest_table when destroying vcpu pagetables [George Dunlap]
• 3d2cc67c46: x86/mm: Don’t reset linear_pt_count on partial validation [George Dunlap]
• d4a67be45f: x86/vtx: Work around SingleStep + STI/MovSS VMEntry failures [Andrew Cooper]
• b8a8278277: x86+Arm32: make find_next_{,zero_}bit() have well defined behavior [Jan Beulich]
• 06555fdec4: update Xen version to 4.11.4-pre [Jan Beulich]
• 239d37e514: xen:arm: Populate arm64 image header [Amit Singh Tomar]

In addition, this release also contains the following fixes to qemu-traditional:

This release also contains changes to qemu-upstream, whose changelogs we do not list here as it contains many changes that are not directly releated to the Xen Project Hypervisor and thus this release. However, you can check https://xenbits.xenproject.org/gitweb/?p=qemu-xen.git;a=shortlog (between tags qemu-xen-4.11.3 and qemu-xen-4.11.4).

This release, which includes source code for qemu-traditional and qemu-upstream, contains the following security fixes. 

See https://xenbits.xenproject.org/xsa/ for details related to Xen Project security advisories.

We recommend all users of the 4.11 stable series to update to this latest point release.