[ubuntu/artful-proposed] xen 4.9.0-0ubuntu3 (Accepted)

Stefan Bader stefan.bader at canonical.com
Fri Oct 13 15:58:33 UTC 2017 

xen (4.9.0-0ubuntu3) artful; urgency=medium

  * Applying Xen Security Advisories:
    - CVE-2017-12135 / XSA-226
      - Revert: grant_table: Default to v1, and disallow transitive grants
      - gnttab: don't use possibly unbounded tail calls
      - gnttab: fix transitive grant handling
    - CVE-2017-14316 / XSA-231
      - xen/mm: make sure node is less than MAX_NUMNODES
    - CVE-2017-14318 / XSA-232
      - grant_table: fix GNTTABOP_cache_flush handling
    - CVE-2017-14317 / XSA-233
      - tools/xenstore: dont unlink connection object twice
    - CVE-2017-14319 / XSA-234
      - gnttab: also validate PTE permissions upon destroy/replace
    - XSA-235
      - arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
    - XSA-237
      - x86: don't allow MSI pIRQ mapping on unowned device
      - x86: enforce proper privilege when (un)mapping pIRQ-s
      - x86/MSI: disallow redundant enabling
      - x86/IRQ: conditionally preserve irq <-> pirq mapping on map error paths
      - x86/FLASK: fix unmap-domain-IRQ XSM hook
    - XSA-238
      - x86/ioreq server: correctly handle bogus
        XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
    - XSA-239
      - x86/HVM: prefill partially used variable on emulation paths
    - XSA-240
      - x86: limit linear page table use to a single level
      - x86/mm: Disable PV linear pagetables by default
    - XSA-241
      - x86: don't store possibly stale TLB flush time stamp
    - XSA-242
      - x86: don't allow page_unlock() to drop the last type reference
    - XSA-243
      - x86/shadow: Don't create self-linear shadow mappings for 4-level
        translated guests
    - XSA-244
      - x86/cpu: Fix IST handling during PCPU bringup
    - XSA-245
      - xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
      - xen/arm: Correctly report the memory region in the dummy NUMA helpers

Date: Tue, 10 Oct 2017 11:24:52 +0200
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.9.0-0ubuntu3
-------------- next part --------------
Format: 1.8
Date: Tue, 10 Oct 2017 11:24:52 +0200
Source: xen
Binary: libxen-4.9 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.9 xen-hypervisor-4.9-amd64 xen-system-amd64 xen-hypervisor-4.9-arm64 xen-system-arm64 xen-hypervisor-4.9-armhf xen-system-armhf xen-hypervisor-4.6-amd64 xen-hypervisor-4.6-armhf xen-hypervisor-4.6-arm64 xen-hypervisor-4.7-amd64 xen-hypervisor-4.7-armhf xen-hypervisor-4.7-arm64 xen-hypervisor-4.8-amd64 xen-hypervisor-4.8-armhf xen-hypervisor-4.8-arm64
Architecture: source
Version: 4.9.0-0ubuntu3
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.9 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.6-amd64 - Transitional package for upgrade
 xen-hypervisor-4.6-arm64 - Transitional package for upgrade
 xen-hypervisor-4.6-armhf - Transitional package for upgrade
 xen-hypervisor-4.7-amd64 - Transitional package for upgrade
 xen-hypervisor-4.7-arm64 - Transitional package for upgrade
 xen-hypervisor-4.7-armhf - Transitional package for upgrade
 xen-hypervisor-4.8-amd64 - Transitional package for upgrade
 xen-hypervisor-4.8-arm64 - Transitional package for upgrade
 xen-hypervisor-4.8-armhf - Transitional package for upgrade
 xen-hypervisor-4.9-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.9-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.9-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.9 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Changes:
 xen (4.9.0-0ubuntu3) artful; urgency=medium
 .
   * Applying Xen Security Advisories:
     - CVE-2017-12135 / XSA-226
       - Revert: grant_table: Default to v1, and disallow transitive grants
       - gnttab: don't use possibly unbounded tail calls
       - gnttab: fix transitive grant handling
     - CVE-2017-14316 / XSA-231
       - xen/mm: make sure node is less than MAX_NUMNODES
     - CVE-2017-14318 / XSA-232
       - grant_table: fix GNTTABOP_cache_flush handling
     - CVE-2017-14317 / XSA-233
       - tools/xenstore: dont unlink connection object twice
     - CVE-2017-14319 / XSA-234
       - gnttab: also validate PTE permissions upon destroy/replace
     - XSA-235
       - arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
     - XSA-237
       - x86: don't allow MSI pIRQ mapping on unowned device
       - x86: enforce proper privilege when (un)mapping pIRQ-s
       - x86/MSI: disallow redundant enabling
       - x86/IRQ: conditionally preserve irq <-> pirq mapping on map error paths
       - x86/FLASK: fix unmap-domain-IRQ XSM hook
     - XSA-238
       - x86/ioreq server: correctly handle bogus
         XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
     - XSA-239
       - x86/HVM: prefill partially used variable on emulation paths
     - XSA-240
       - x86: limit linear page table use to a single level
       - x86/mm: Disable PV linear pagetables by default
     - XSA-241
       - x86: don't store possibly stale TLB flush time stamp
     - XSA-242
       - x86: don't allow page_unlock() to drop the last type reference
     - XSA-243
       - x86/shadow: Don't create self-linear shadow mappings for 4-level
         translated guests
     - XSA-244
       - x86/cpu: Fix IST handling during PCPU bringup
     - XSA-245
       - xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
       - xen/arm: Correctly report the memory region in the dummy NUMA helpers
Checksums-Sha1:
 7fc138b57e8052c65f2afab785acd097572109ed 3860 xen_4.9.0-0ubuntu3.dsc
 66826d48ff5753ceafffffa635366d562ee32a43 103560 xen_4.9.0-0ubuntu3.debian.tar.xz
 953fc014f430d2079eca14e8eeb5caff98a0eb17 8913 xen_4.9.0-0ubuntu3_source.buildinfo
Checksums-Sha256:
 1704c7607653006e0822234c5208caab0e7b366847d23b27e72ec89629fa4d1f 3860 xen_4.9.0-0ubuntu3.dsc
 ce19319763ec416b16ed291cbaaa78c2c7deef95cd244a0b98c8df2118bf1d93 103560 xen_4.9.0-0ubuntu3.debian.tar.xz
 a0a69840f65e19976b419e9725a188ccf189ec419ab9bd7728c48817574fa0a1 8913 xen_4.9.0-0ubuntu3_source.buildinfo
Files:
 7b54433e7df489a6ef1d1f4d84303dd6 3860 kernel optional xen_4.9.0-0ubuntu3.dsc
 f114f5fa9b485ecb3cacfe595e6787ac 103560 kernel optional xen_4.9.0-0ubuntu3.debian.tar.xz
 d8eed48ecd4d06906edea5d94bb2fb05 8913 kernel optional xen_4.9.0-0ubuntu3_source.buildinfo
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

More information about the Artful-changes mailing list