This hotfix resolves the following issues:

• If you forcibly shut down a VM that has an AMD MxGPU attached, or the guest OS shuts down abnormally, your Citrix Hypervisor server might experience memory corruption.
• If you force a shutdown on a Windows VM that is in an unclean state, the Citrix Hypervisor server hosting the VM might crash.

For Sandybridge hardware, this hotfix updates the Intel microcode to the microcode-20190618 release. This microcode addresses issues described in CTX251995 - Citrix XenServer Multiple Security Updates. To apply the updated microcode you must stop and start your Citrix Hypervisor host. To check that the microcode has been correctly applied, see the advice in the security bulletin.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issue:

• If you forcibly shut down a VM that has an AMD MxGPU attached, or the guest OS shuts down abnormally, your Citrix Hypervisor server might experience memory corruption.

For Sandybridge hardware, this hotfix updates the Intel microcode to the microcode-20190618 release. This microcode addresses issues described in CTX251995 - Citrix XenServer Multiple Security Updates. To apply the updated microcode you must stop and start your XenServer host. To check that the microcode has been correctly applied, see the advice in the security bulletin.

This hotfix also includes the following previously released hotfixes:

This release of XenCenter is for customers who use XenCenter as the management console for XenServer 7.1 LTSR. XenCenter 7.1 CU2 is released as part of XenServer 7.1 Cumulative Update 2 and is available only to customers on the Customer Success Services program.

We recommend that you install this version of XenCenter before using XenCenter to update XenServer 7.1 CU1 hosts to XenServer 7.1 CU2.

XenServer 7.1 Cumulative Update 2 (XS71ECU2) must be installed by customers running XenServer 7.1 LTSR CU1. It includes all previously released XenServer 7.1 CU1 hotfixes. Installation of XS71ECU2 is required for all future functional hotfixes for XenServer 7.1 LTSR.

XenServer 7.1 Cumulative Update 2 and its subsequent hotfixes are available only to customers on the Customer Success Services program.

Citrix will continue to provide security updates to the base XenServer 7.1 CU1 product for a period of three months from the release date of the XenServer 7.1 Cumulative Update 2 (until March 12, 2019). After this three month period elapses, any new hotfixes released will only support XenServer 7.1 with CU2 applied.

For more information about XenServer 7.1 CU2, see the Citrix XenServer 7.1 Cumulative Update 2 Release Notes.

This hotfix resolves the following issues:

• Depending on the guest OS and device, devices passed through to a guest might not function correctly due to missed interrupts.

This hotfix resolves the following issues:

• Improvements to VM performance and stability.
• A race condition in XenBus can cause pauses in Windows VM operation, which lead to Timeout Detection and Recovery (TDR) events. The TDR can cause the VM to crash.
• Under low resource situations, Xennet can consume all of the RAM on a Windows VM. This causes the VM to crash.
• Windows VMs with the XenVBD driver installed can experience a high number of system interrupts when performing storage operations, especially if you are using fast storage and transferring large amounts of data.

This hotfix also includes the drivers required to support Windows Server 2019 VMs on XenServer 7.1 CU2.

This hotfix resolves the following issues:

• If a VM's disk is a candidate for leaf-coalescing but the VM is writing data faster than the single snapshot coalesce process can deal with, the leaf-coalesce process aborts. The abort path then attempts to perform the leaf-coalesce with the VM paused. This attempt times out.
• A race condition between the garbage collector and VDI.load can cause a VM migrate to fail with the error SR_BACKEND_FAILURE_65.
• XenServer can experience an out-of-memory event caused by too many latent GC threads.

This hotfix also includes the following improvement:

• VDI deletion is now idempotent, to avoid interference by other components (for example, PVS) or manual operations.

This hotfix includes the following improvements:

• Add a template and support for SUSE Linux Enterprise Server 12 SP4 (64-bit)
• Add a template and support for SUSE Linux Enterprise Desktop 12 SP4 (64-bit)

This security hotfix addresses the vulnerabilities as described in the Security Bulletin above. In addition, it resolves the following issues:

• If you perform an action that causes the standby storage to go offline, a race condition can cause all of the XenServer hosts in a pool to crash. The error message 'blocked FC remote port time out' appears multiple times in the logs.
• If you shutdown or reboot your XenServer host shortly after starting a lot of guest VPX instances (>20), the XenServer host hangs.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issues:

• A reboot of one switch in an MC-LAG bond makes all bond links to go down, causing a total connectivity loss for 3 seconds.

This hotfix resolves the following issues:

• If you forcibly shut down a VM that has an AMD MxGPU attached, or the guest OS shuts down abnormally, your Citrix Hypervisor server might experience memory corruption.
• XenServer does not copy SMBIOS type 2 information from the XenServer host to a VM.
• When attempting to import or export an OVA/OVF file in a pool that contains different feature sets, the import or export might fail with the error message: 'Failed to start Transfer VM'.

For Sandybridge hardware, this hotfix updates the Intel microcode to the microcode-20190618 release. This microcode addresses issues described in CTX251995 - Citrix XenServer Multiple Security Updates. To apply the updated microcode you must stop and start your XenServer host. To check that the microcode has been correctly applied, see the advice in the security bulletin.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issues:

• In the presence of consistent failure when registering VDIs, xcp-rrdd-iostat's log messages can fill available log space. This update limits the amount of logging by xcp-rrdd-iostat.
• During toolstack restart, xcp-rrdd can use 100% of the CPU for a long time.
• After restarting XenServer, Citrix Virtual Desktops (XenDesktop) users might see a XAPI exception: 'Plug-in has been stopped due to an authentication issue'. This error is shown even in the case where no authentication or credentials issue exists.
• If the HA daemon has previously failed on startup, HA might not be able to start. The following error message is displayed: 'HA could not be enabled on the Pool because a liveset could not be formed: check storage and network heartbeat paths.'
• If you add a large number of SRs, XAPI might run out of file descriptors.

  Note: We generally recommend that you install all other released hotfixes. To work with a large number of SRs, ensure that you install CTX256836 - Hotfix XS71ECU2009 - For XenServer 7.1 Cumulative Update 2 to reduce the likelihood of running out of memory.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issue:

• In rare circumstances when a XenServer host is enabling HA, or during a host reboot with HA enabled, the host can fail to establish HA communication with the other hosts. This is due to another process on the host using the listening port required by the HA software.

• Installation of Management Agent can fail after installing newer I/O drivers through Windows Update.
• Failure to reboot a Windows VM after installing XenServer Tools can result in excessive log entries being written to xensource.log and xenstored-access.log until the VM is rebooted. If customers do not reboot the VM, or delay the reboot, excess logs can fill up the XenServer host log partition.
• The Management Agent can crash and respawn on systems without a terminal services Windows Management Instrumentation (WMI) object causing high CPU usage and excessive logging in /var/log/daemon.
• If the Management Agent auto update is enabled after installing XenServer Tools, and a new update is available, the initial auto-update can fail due to a race condition that can cause multiple update attempts to occur simultaneously.

• The default behavior of the Management Agent has been improved to enable customers to configure whether any I/O driver updates included in the Management Agent should be applied automatically. For more information, see section 4.3.1 Installing XenServer Tools in the XenServer 7.0 Virtual Machine User's Guide.
• This version (v7.1.844) of the Management Agent includes new versions of the I/O drivers that are compatible with Microsoft Windows Server 2016. These drivers have been released previously through the Microsoft Windows Server Update Service. For more information, see Update XS70EU002 - Windows I/O Drivers for XenServer 7.0.

• This is a hotfix for customers running XenServer 7.0. All customers who are affected by the issues described in CTX219378: Citrix XenServer Multiple Security Updates should install this hotfix.
• This hotfix supports the improvements to XenServer's Direct Inspect APIs.

• When booting a vGPU provisioned Virtual Machine (VM) from network, an interaction between VGA BIOS and VGA emulation code in the vGPU device model can result in the corruption of the VM console in XenCenter.

• When Installing XenServer or upgrading XenServer to a newer version, PBIS services get enabled (even when Role-based access control (RBAC) is not used) and display a lot of error messages. Also, this issue consumes a lot of control domain (dom0) resources.

• Oracle Linux 6.8
• Red Hat Enterprise Linux 6.8
• CentOS 6.8
• NeoKylin Linux Advanced Server 6.5 ( only 64 bit )
• NeoKylin Linux Advanced Server 7.2 ( Only 64 bit )
• SUSE Linux Enterprise Server 11 SP4

This hotfix addresses the following issue:

• When attempting to use XenServer Conversion Manager (XCM) Console to connect to an XCM Virtual Appliance that runs on a slave host, the connection fails and the following message is displayed by the console: 'There was a failure communicating with the plugin.' This hotfix ensures that the XCM Console can connect to a XCM Virtual Appliance that runs on any XenServer host.

This hotfix resolves the following issue:

• When using SSH to connect to XenServer, a user might experience a memory leak in systemd on XenServer.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issues:

• A race condition caused Windows VMs to hang repeatedly and give an error with Event ID 129: 'StorPort detected a SRB timeout, and issued a reset'.
• XenVBD can consume 100% of a vCPU and can block other processes from using that vCPU.
• If a restart is performed without clicking on the Yes or No buttons of the restart to complete installation dialog box, the dialog box continues to appear even after restarting the VM.

This hotfix also includes the following previously released hotfixes:

This security hotfix addresses the vulnerabilities as described in the Security Bulletin above.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issue:

• If you cancel an ongoing Storage XenMotion, the next attempt to migrate the VM using Storage XenMotion fails with the 'VDI Mirroring Cannot be performed' error. However, any subsequent attempts to migrate the VM succeed.

This hotfix also includes the following previously released hotfixes:

This hotfix resolves the following issues:

• A VM taking more than 30 seconds to shut down can lead to the error 'Domain stuck in dying state after 30s'.
• Automated guest agent update stops working after a host reboot, due to its dependency on entries in xenstore that were not properly recreated after the reboot.
• Windows VMs with XenIface driver version 8.2.0.61 or later installed that are hosted on a XenServer 7.0 host cannot be clean shutdown by using XenCenter. The option is disabled in the XenCenter interface. This issue only occurs if the Management Agent is not running on the VM.
• In high-load situations, XenServer sometimes fails to detect a VM having the latest PV Tools installed and reports them as out of date.

This hotfix also includes the following previously released hotfixes:

This hotfix addresses the following issues that are present in the now superseded hotfix (XS70E067):

• XenCenter 8.0 does not connect to XenServer 7.0 hosts that have XS70E067 applied and reports the following error: 'This pool contains servers earlier than Citrix Hypervisor 7.0. Please use an earlier version of XenCenter to manage this pool.' To work around this issue, use XenCenter 7.6 or earlier to connect to these hosts.

Important: If you have already installed XS70E067 on your XenServer 7.0 hosts, you must apply this hotfix before you can upgrade these hosts to a later version of XenServer.

This hotfix also includes the following previously released hotfixes: