[ubuntu-cloud-archive/icehouse-updates] xen (Accepted)

James Page james.page at ubuntu.com
Mon Dec 16 09:02:43 UTC 2013


 xen (4.3.0-1ubuntu2~cloud0) precise-icehouse; urgency=low
 .
   * New usptream release for the Ubuntu Cloud Archive.
 .
 xen (4.3.0-1ubuntu2) trusty; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2013-1442 / XSA-62
       * Information leak on AVX and/or LWP capable CPUs
     - CVE-2013-4355 / XSA-63
       * Information leaks through I/O instruction emulation
     - CVE-2013-4356 / XSA-64
       * Memory accessible by 64-bit PV guests under live migration
     - CVE-2013-4361 / XSA-66
       Information leak through fbld instruction emulation
     - CVE-2013-4368 / XSA-67
       * Information leak through outs instruction emulation
     - CVE-2013-4369 / XSA-68
       * possible null dereference when parsing vif ratelimiting info
     - CVE-2013-4370 / XSA-69
       * misplaced free in ocaml xc_vcpu_getaffinity stub
     - CVE-2013-4371 / XSA-70
       * use-after-free in libxl_list_cpupool under memory pressure
     - CVE-2013-4416 / XSA-72
       * ocaml xenstored mishandles oversized message replies
     - CVE-2013-4494 / XSA-73
       * Lock order reversal between page allocation and grant table locks

Date: Wed, 04 Dec 2013 15:19:42 -0500
Changed-By: Chuck Short <zulcss at ubuntu.com>
Signed-By: Chuck Short <chuck.short at canonical.com> 
Published-By: James Page <james.page at ubuntu.com>


More information about the Cloud-archive-changes mailing list