[ubuntu-cloud-archive/havana-proposed] xen (Accepted)
James Page
james.page at ubuntu.com
Mon Dec 2 16:26:54 UTC 2013
xen (4.3.0-1ubuntu1.1~cloud0) precise-havana; urgency=low
.
* Security update for the Ubuntu Cloud Archive.
.
xen (4.3.0-1ubuntu1.1) saucy-security; urgency=low
.
* Applying Xen Security Advisories:
- CVE-2013-1442 / XSA-62
* Information leak on AVX and/or LWP capable CPUs
- CVE-2013-4355 / XSA-63
* Information leaks through I/O instruction emulation
- CVE-2013-4356 / XSA-64
* Memory accessible by 64-bit PV guests under live migration
- CVE-2013-4361 / XSA-66
Information leak through fbld instruction emulation
- CVE-2013-4368 / XSA-67
* Information leak through outs instruction emulation
- CVE-2013-4369 / XSA-68
* possible null dereference when parsing vif ratelimiting info
- CVE-2013-4370 / XSA-69
* misplaced free in ocaml xc_vcpu_getaffinity stub
- CVE-2013-4371 / XSA-70
* use-after-free in libxl_list_cpupool under memory pressure
- CVE-2013-4416 / XSA-72
* ocaml xenstored mishandles oversized message replies
- CVE-2013-4494 / XSA-73
* Lock order reversal between page allocation and grant table locks
Date: Mon, 02 Dec 2013 12:58:10 +0000
Changed-By: James Page <james.page at ubuntu.com>
Signed-By: James Page <james.page at ubuntu.com>
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list