[ubuntu/trusty-proposed] xen 4.3.0-1ubuntu3 (Accepted)

Stefan Bader stefan.bader at canonical.com
Tue Dec 17 15:26:15 UTC 2013 

xen (4.3.0-1ubuntu3) trusty; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-4553 / XSA-74
      * Lock order reversal between page_alloc_lock and mm_rwlock
    - CVE-2013-4551 / XSA-75
      * Host crash due to guest VMX instruction execution
    - CVE-2013-4554 / XSA-76
      * Hypercalls exposed to privilege rings 1 and 2 of HVM guests
    - CVE-????-???? / XSA-77
      * Disaggregated domain management security status
    - CVE-2013-6375 / XSA-78
      * Insufficient TLB flushing in VT-d (iommu) code
    - CVE-2013-6400 / XSA-80
      * IOMMU TLB flushing may be inadvertently suppressed
    - CVE-2013-6885 / XSA-82
      * Guest triggerable AMD CPU erratum may cause host hang

Date: Fri, 06 Dec 2013 17:51:24 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/trusty/+source/xen/4.3.0-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Dec 2013 17:51:24 +0100
Source: xen
Binary: libxen-4.3 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.3 xen-hypervisor-4.3-amd64 xen-system-amd64 xen-hypervisor-4.3-armhf xen-system-armhf
Architecture: source
Version: 4.3.0-1ubuntu3
Distribution: trusty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description: 
 libxen-4.3 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxen-ocaml - OCaml libraries for controlling Xen
 libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.3-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.3-armhf - Xen Hypervisor on Arm v7/v8
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-armhf - Xen System on Arm  v7/v8 (meta-package)
 xen-utils-4.3 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore utilities for Xen
Changes: 
 xen (4.3.0-1ubuntu3) trusty; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2013-4553 / XSA-74
       * Lock order reversal between page_alloc_lock and mm_rwlock
     - CVE-2013-4551 / XSA-75
       * Host crash due to guest VMX instruction execution
     - CVE-2013-4554 / XSA-76
       * Hypercalls exposed to privilege rings 1 and 2 of HVM guests
     - CVE-????-???? / XSA-77
       * Disaggregated domain management security status
     - CVE-2013-6375 / XSA-78
       * Insufficient TLB flushing in VT-d (iommu) code
     - CVE-2013-6400 / XSA-80
       * IOMMU TLB flushing may be inadvertently suppressed
     - CVE-2013-6885 / XSA-82
       * Guest triggerable AMD CPU erratum may cause host hang
Checksums-Sha1: 
 210b57564bd02fa402c670cb3dfad6332792879b 3031 xen_4.3.0-1ubuntu3.dsc
 9e12f9b47b6d62b8856da4c6131ad5632ab09e39 80474 xen_4.3.0-1ubuntu3.debian.tar.gz
Checksums-Sha256: 
 e6c3b040d4bd326d6954c332ada0f0882185983a86c7add078c2b95a2ae65439 3031 xen_4.3.0-1ubuntu3.dsc
 9883a7a7a66926b30adf98a14ed75247bfcae7b4ea01b7c07671de9d42e27263 80474 xen_4.3.0-1ubuntu3.debian.tar.gz
Files: 
 7f4c5dddb570bbafbb3aacf8bd28db1f 3031 kernel optional xen_4.3.0-1ubuntu3.dsc
 4b2756b8b2d2543cfefeb1a1e45335da 80474 kernel optional xen_4.3.0-1ubuntu3.debian.tar.gz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCgAGBQJSsGyfAAoJEGVp2FWnRL6TI6MP/jx0QnpYbk978WDkxb3DHsRC
zlk1MqHTGzMa9imK1UIQdD2J3j5oblt/yuc9u9lUy3hMc3bKA8yXZ8iAF18cOgJr
JIvk64fLGmECEDTYlRTADNTwx9il50TUvtH/5uaUSavNSJQXYzgmE41QBz8ww+0/
coeuZ+kKoa+W0Ni78CVHrI6U7MhchJR7XEIFSBeTdW/8v4BRQANW4XPVbU9+/EDy
sTi0e+MHcPWYxHZJdNR/9KKZeOKHlEeDirJF6ROu+W8f/pUgm8jQBZcG6yjHm+Bp
vRlB+TivoslmiHd5KhNjk2mgfZqBGHGuzQit/qzdGa0dcz/qYIcAX9ne3WjUjqxq
EYtEHavYaKqZb0QVOY0fUVG8My7dn7tR6iWW+MtFoLJ+flt4/zvL3J/cp5O/bb9c
RDwaG9wM6/jnxa14Uia59HkR7UOHzgSfCR0LfOUB1fphrgWwNKfIv973SFTqxmV8
nj8/4AA/BKvBcn0LmgQWcczAcHn3DDD2WVphijF0rfZWfAUX2D92s3O1ygnifOBR
XT4NcdvHL+j5UaE0WBVOZf9U0oFIrc5DpC3qWq0ncl2f8bsTnbQFEttmLXcw2GAc
2WsSiPnlOowvc9NyB7HYLvKFJ01rgi97iGeAHBK9BE1gMH+WAPZp0UWN283fWp0E
jHc//pWGQI5/nrVDopJ+
=rKAr
-----END PGP SIGNATURE-----

More information about the Trusty-changes mailing list