[ubuntu/saucy-proposed] xen 4.2.1-0ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Jun 10 19:40:33 UTC 2013 

xen (4.2.1-0ubuntu4) saucy; urgency=low

  [ Stefan Bader ]
  * Applying Xen Security Advisories:
    - CVE-2013-1918 / XSA-45
      * x86: make vcpu_destroy_pagetables() preemptible
      * x86: make new_guest_cr3() preemptible
      * x86: make MMUEXT_NEW_USER_BASEPTR preemptible
      * x86: make vcpu_reset() preemptible
      * x86: make arch_set_info_guest() preemptible
      * x86: make page table unpinning preemptible
      * x86: make page table handling error paths preemptible
    - CVE-2013-1952 / XSA-49
      * VT-d: don't permit SVT_NO_VERIFY entries for known device types
    - CVE-2013-2076 / XSA-52
      * x86/xsave: fix information leak on AMD CPUs
    - CVE-2013-2077 / XSA-53
      * x86/xsave: recover from faults on XRSTOR
    - CVE-2013-2078 / XSA-54
      * x86/xsave: properly check guest input to XSETBV
    - CVE-2013-2072 / XSA-56
      * libxc: limit cpu values when setting vcpu affinity

  [ Marc Deslauriers ]
  * debian/patches/gcc48-ftbfs.patch: Add -Wno-unused-local-typedefs to
    CFLAGS.
  * debian/patches/gcc48-ftbfs-2.patch: fix memset(&p,0,sizeof(p)) idiom in
    several places.

Date: Mon, 10 Jun 2013 15:03:13 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/xen/4.2.1-0ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 Jun 2013 15:03:13 -0400
Source: xen
Binary: xen-docs-4.2 libxen-4.2 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.2 xen-hypervisor-4.2-amd64 xen-system-amd64 xen-hypervisor-4.2-i386 xen-system-i386
Architecture: source
Version: 4.2.1-0ubuntu4
Distribution: saucy
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libxen-4.2 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxen-ocaml - OCaml libraries for controlling Xen
 libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
 libxenstore3.0 - Xenstore communications library for Xen
 xen-docs-4.2 - Documentation for Xen
 xen-hypervisor-4.2-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.2-i386 - Xen Hypervisor on i386
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-i386 - Xen System on i386 (meta-package)
 xen-utils-4.2 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore utilities for Xen
Changes: 
 xen (4.2.1-0ubuntu4) saucy; urgency=low
 .
   [ Stefan Bader ]
   * Applying Xen Security Advisories:
     - CVE-2013-1918 / XSA-45
       * x86: make vcpu_destroy_pagetables() preemptible
       * x86: make new_guest_cr3() preemptible
       * x86: make MMUEXT_NEW_USER_BASEPTR preemptible
       * x86: make vcpu_reset() preemptible
       * x86: make arch_set_info_guest() preemptible
       * x86: make page table unpinning preemptible
       * x86: make page table handling error paths preemptible
     - CVE-2013-1952 / XSA-49
       * VT-d: don't permit SVT_NO_VERIFY entries for known device types
     - CVE-2013-2076 / XSA-52
       * x86/xsave: fix information leak on AMD CPUs
     - CVE-2013-2077 / XSA-53
       * x86/xsave: recover from faults on XRSTOR
     - CVE-2013-2078 / XSA-54
       * x86/xsave: properly check guest input to XSETBV
     - CVE-2013-2072 / XSA-56
       * libxc: limit cpu values when setting vcpu affinity
 .
   [ Marc Deslauriers ]
   * debian/patches/gcc48-ftbfs.patch: Add -Wno-unused-local-typedefs to
     CFLAGS.
   * debian/patches/gcc48-ftbfs-2.patch: fix memset(&p,0,sizeof(p)) idiom in
     several places.
Checksums-Sha1: 
 c6ce3fa72a756a1ec522b020f8ee4edc26d9aa20 3176 xen_4.2.1-0ubuntu4.dsc
 d0b11d4ccfc02b3623d3fe22c2e4178553118b00 104829 xen_4.2.1-0ubuntu4.debian.tar.gz
Checksums-Sha256: 
 3d15a237b0f1f9d5e45f742aaa4949a80460e631302c708f84179a707232957d 3176 xen_4.2.1-0ubuntu4.dsc
 4e229338da842af2efdedbf148982ff9363680b89a7f65d3db3eb21dcfaac206 104829 xen_4.2.1-0ubuntu4.debian.tar.gz
Files: 
 e075d8bf8f6e668565984d62194c313a 3176 kernel optional xen_4.2.1-0ubuntu4.dsc
 70741668cf5bf26ce4e0e1fae6f826a6 104829 kernel optional xen_4.2.1-0ubuntu4.debian.tar.gz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJRtisUAAoJEGVp2FWnRL6TfyYP/A/9Svs2yqwo/K1qhW+k/1Tw
+PiMtiBgA+vYv72dEuGMxS0dRUyKWFMfWzbJ5nJe+kavVUtB4R5Y9uJ3HIgAxoVN
9tvKfkw13bvuNkXcMRQbHyopz5GDdzrYaL1pyOO6pwZ7ktaLr/60GGkUc6kLIcJX
UG8QKshA47UxxeGVuiXZ+Q5X78CYe8MEQtkxROQSWpsTx558Yhch855mLKIrntSA
nFAFCVNH3CptP84jRDyMuGV+SD1xap6tFgJO9eq9dpOwoZxn9xZD4thrLf6KNlZI
68fqytuqzhkcZ2vweAZ/PGQbqN+dq3P3syn/cRwFQbGcrCEqX1b1Cogqkx/Jz/T6
PqbUD2D7W9UIY/v+3IiiBNpSXMjEbqBOvxp3z7LV16dFCIL/hTGOT+Bv/dfM2Zst
ulW1i+hmrkVv0U1WiTBgEtsRGvUiViJygluPRo4uIvuqxLS84IuPYpat/5nYYIzV
oBDKCPdsqSfXNYW5yS/itX0XTR0iF6fRFOtEs78zKpZZxm5+XVaVq8lwZ9vRg99Q
e1NWATk8qXMxlfhOYR8zHe+7GfcrpYD3C0LJTG4EAB9O0MmeDCFBA0S55tFSUf9/
QFXSXkiK03LIwtC1GWKc5EJ+b1bUYmrWdM3+F5wRW5LYI4KoS/LISL5XutiBK1UG
xoguaf0ohicjehxxwVO8
=j2xE
-----END PGP SIGNATURE-----

More information about the Saucy-changes mailing list