[ubuntu/trusty-proposed] xen 4.3.0-1ubuntu2 (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Nov 12 13:13:16 UTC 2013
xen (4.3.0-1ubuntu2) trusty; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-1442 / XSA-62
* Information leak on AVX and/or LWP capable CPUs
- CVE-2013-4355 / XSA-63
* Information leaks through I/O instruction emulation
- CVE-2013-4356 / XSA-64
* Memory accessible by 64-bit PV guests under live migration
- CVE-2013-4361 / XSA-66
Information leak through fbld instruction emulation
- CVE-2013-4368 / XSA-67
* Information leak through outs instruction emulation
- CVE-2013-4369 / XSA-68
* possible null dereference when parsing vif ratelimiting info
- CVE-2013-4370 / XSA-69
* misplaced free in ocaml xc_vcpu_getaffinity stub
- CVE-2013-4371 / XSA-70
* use-after-free in libxl_list_cpupool under memory pressure
- CVE-2013-4416 / XSA-72
* ocaml xenstored mishandles oversized message replies
- CVE-2013-4494 / XSA-73
* Lock order reversal between page allocation and grant table locks
Date: Tue, 05 Nov 2013 16:16:05 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/trusty/+source/xen/4.3.0-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 05 Nov 2013 16:16:05 +0100
Source: xen
Binary: libxen-4.3 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.3 xen-hypervisor-4.3-amd64 xen-system-amd64 xen-hypervisor-4.3-armhf xen-system-armhf
Architecture: source
Version: 4.3.0-1ubuntu2
Distribution: trusty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
libxen-4.3 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxen-ocaml - OCaml libraries for controlling Xen
libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.3-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.3-armhf - Xen Hypervisor on Arm v7/v8
xen-system-amd64 - Xen System on AMD64 (meta-package)
xen-system-armhf - Xen System on Arm v7/v8 (meta-package)
xen-utils-4.3 - XEN administrative tools
xen-utils-common - Xen administrative tools - common files
xenstore-utils - Xenstore utilities for Xen
Changes:
xen (4.3.0-1ubuntu2) trusty; urgency=low
.
* Applying Xen Security Advisories:
- CVE-2013-1442 / XSA-62
* Information leak on AVX and/or LWP capable CPUs
- CVE-2013-4355 / XSA-63
* Information leaks through I/O instruction emulation
- CVE-2013-4356 / XSA-64
* Memory accessible by 64-bit PV guests under live migration
- CVE-2013-4361 / XSA-66
Information leak through fbld instruction emulation
- CVE-2013-4368 / XSA-67
* Information leak through outs instruction emulation
- CVE-2013-4369 / XSA-68
* possible null dereference when parsing vif ratelimiting info
- CVE-2013-4370 / XSA-69
* misplaced free in ocaml xc_vcpu_getaffinity stub
- CVE-2013-4371 / XSA-70
* use-after-free in libxl_list_cpupool under memory pressure
- CVE-2013-4416 / XSA-72
* ocaml xenstored mishandles oversized message replies
- CVE-2013-4494 / XSA-73
* Lock order reversal between page allocation and grant table locks
Checksums-Sha1:
3e5cfea3fc9ba727037397657929a6902070da3c 3031 xen_4.3.0-1ubuntu2.dsc
54a2a4d65f3d059e31c92b71da5e24ae51c24b38 74616 xen_4.3.0-1ubuntu2.debian.tar.gz
Checksums-Sha256:
2acd26e9047b9580ea8998dc49f7accc0a598d89fb591e4f69edb7f2dbb2d037 3031 xen_4.3.0-1ubuntu2.dsc
6587a9beece4b2b6f94aec1be5db8e59bc1183da608c99ce06e6010d9382cc23 74616 xen_4.3.0-1ubuntu2.debian.tar.gz
Files:
792ad5db75ed3c17bf62fdffed46ce08 3031 kernel optional xen_4.3.0-1ubuntu2.dsc
2d90c8d0d74e2378d141ba762a081ac1 74616 kernel optional xen_4.3.0-1ubuntu2.debian.tar.gz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCgAGBQJSgijhAAoJEGVp2FWnRL6T8XQP/j4ax0nVvzlQGYqQWq+AiN3P
ouciHQDfrbSP40mXZJGJVa2odKNzO6bNJMwgjSwV4z7zRJHhi5OjWvr5hs8ZEf71
fISIKnOM0/N5ld/mPz/Xtrf1GpM1GHvkP8Rw1wpronJpH1Bxl3PW6k6R0rJWQSzB
yfYpwg2EIg9FNgtc4Nh7MbppVUaBhDP6hyzPnLD0gn5E/c4Fg5mVYxcuUQx7Ev+W
VzpxQN1y6J1yEP4fUdDHS0nJMvnKHfhFgvx36C4MVZOHFEf4ELbZczg0BvQ0bvT7
pwC8W1MB+ulFI/M3Lom0+SGfVzjUbQTi0jE9K1WoYBnesX7NEBwySLLQcJUlvcVW
kcwYsMhttEm4VgHI6tkADV0gQ42nXwJCB2ofMvoE3yyQTAQ557ojIessmeYbtCLc
l5yleC0/yrHGKdkD74qfyTECmrQyAm6vpLlpDojYEst1IxWYkDQL6/MiW1DCL6he
f5NIAQh1GvZDmOIL8aOheAeLCHOnXhCBD3ffbQMZAPeMaHkakrtWPRSptwzMmASM
ghg3noZTFd4rzWYVXoiCVqVe+YwZQ1fnsVZPcmIQNJqTexnunR1P8eulR4a+jnaE
OEmP6lU8di/jjL8QescOssAeWHE+KYLNBomCj2bH5K+QapAlKG7HnDHFpZdBk9Nw
1vbPnItEGeoGsxeVUkZh
=g7ko
-----END PGP SIGNATURE-----
More information about the Trusty-changes
mailing list