New security update is available for the only currently supported release of XCP-ng: 8.2 LTS.
As the first patch for XSA-433 was released in emergency due to a broken embargo, there wasn't enough time to test and validate everything upstream before releasing the first version.
We followed the upstream release to offer the patch as early as possible. Since last week, an error has been discovered in the previous patch of Xen for the Zenbleed flaw.
That's why we're releasing a new one to stay in sync with upstream and to help you stay safe.
The earliest patch provided for Xen was buggy. It unintentionally disables more bits than expected in the control register. As the contents of this register are not generally known, the effects on the system are unknown.
This update contains a patch that corrects the behaviour of the first patch for XSA-433 and simply masking the single required bit.
- Synced with Citrix Hypervisor 8.2 CU1 XS82ECU1044.