[ubuntu/quantal-security] xen 4.1.3-3ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu Dec 6 19:36:20 UTC 2012


xen (4.1.3-3ubuntu1.1) quantal-security; urgency=low

  * Applying Xen Security fixes (LP: #1086801, #1086875)
    - VCPU/timers: Prevent overflow in calculations, leading to DoS
      vulnerability
      CVE-2012-4535
    - x86/physdev: Range check pirq parameter from guests
      CVE-2012-4536
    - x86/physmap: Prevent incorrect updates of m2p mappings
      CVE-2012-4537
    - xen/mm/shadow: check toplevel pagetables are present before unhooking
      them
      CVE-2012-4538
    - compat/gnttab: Prevent infinite loop in compat code
      CVE-2012-4539
    - libxc: builder: limit maximum size of kernel/ramdisk
      CVE-2012-4544
    - gnttab: fix releasing of memory upon switches between versions
      CVE-2012-5510
    - hvm: Limit the size of large HVM op batches
      CVE-2012-5511
    - x86/HVM: range check xen_hvm_set_mem_access.hvmmem_access before use
      CVE-2012-5512
    - xen: add missing guest address range checks to XENMEM_exchange handlers
      CVE-2012-5513
    - xen: fix error handling of guest_physmap_mark_populate_on_demand()
      CVE-2012-5514
    - memop: limit guest specified extent order
      CVE-2012-5515

Date: 2012-12-06 14:30:25.547271+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/quantal/+source/xen/4.1.3-3ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Quantal-changes mailing list