Downloads

Xen Project 4.2.5

We are pleased to announce the release of Xen 4.2.5.
This is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.2 (tag RELEASE-4.2.5) or from this page
Note that this is expected to be the last release of the 4.2 stable series. The tree will be switched to security only maintenance mode after this release.
This release fixes the following critical vulnerabilities:

CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible
CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created
CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection
CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests

Apart from those there are many further bug fixes and improvements. We recommend all users of the 4.2 stable series to update to this latest point release.