- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3

recursive pagetable for 32-bit PV guests (XSA-185)
  57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
  instruction pointer truncation during emulation (XSA-186)
  57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
  57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
  sh_ctxt->seg_reg[] (XSA-187)
  57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
  57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
  57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
  57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
  57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
  57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
  57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
  57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
  57c82be2-x86-32on64-adjust-call-gate-emulation.patch
  57c96e2c-x86-correct-PT_NOTE-file-position.patch
  57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch

- bsc#989679 - [pvusb feature] USB device not found when
  'virsh detach-device guest usb.xml'
  57c93e52-fix-error-in-libxl_device_usbdev_list.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=450

xen.spec

@@ -165,7 +165,7 @@ BuildRequires:  xorg-x11-util-devel
 %endif
 %endif
 
-Version:        4.7.0_11
+Version:        4.7.0_12
 Release:        0
 Summary:        Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:        GPL-2.0
@@ -219,6 +219,21 @@ Patch13:        57a30261-x86-support-newer-Intel-CPU-models.patch
 Patch14:        57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
 Patch15:        57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
 Patch16:        57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
+Patch17:        57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
+Patch18:        57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
+Patch19:        57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
+Patch20:        57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
+Patch21:        57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
+Patch22:        57c82be2-x86-32on64-adjust-call-gate-emulation.patch
+Patch23:        57c93e52-fix-error-in-libxl_device_usbdev_list.patch
+Patch24:        57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
+Patch25:        57c96e2c-x86-correct-PT_NOTE-file-position.patch
+Patch26:        57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
+Patch27:        57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
+Patch28:        57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
+Patch29:        57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
+Patch30:        57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
+Patch31:        57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
 # Upstream qemu-traditional patches
 Patch250:       VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:       0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -557,6 +572,21 @@ Authors:
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
+%patch17 -p1
+%patch18 -p1
+%patch19 -p1
+%patch20 -p1
+%patch21 -p1
+%patch22 -p1
+%patch23 -p1
+%patch24 -p1
+%patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch28 -p1
+%patch29 -p1
+%patch30 -p1
+%patch31 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1