[ubuntu/trusty-updates] xen 4.4.0-0ubuntu5.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Jul 9 13:58:12 UTC 2014
xen (4.4.0-0ubuntu5.1) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-2599 / XSA-89
* x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
- CVE-2014-3125 / XSA-91
* xen/arm: Correctly save/restore CNTKCTL_EL1
- CVE-2014-3124 / XSA-92
* x86/HVM: restrict HVMOP_set_mem_type
- CVE-2014-2915 / XSA-93
* xen/arm: Inject an undefined instruction when the coproc/sysreg
is not handled
* xen/arm: Don't let the guest access the coprocessors registers
* xen/arm: Upgrade DCISW into DCCISW
* xen/arm: Trap cache and TCM lockdown registers
* xen/arm: Don't expose implementation defined registers (Cp15 c15)
to the guest
* xen/arm: Don't let guess access to Debug and Performance Monitor
registers
- CVE-2014-2986 / XSA-94
* xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
- CVE-2014-3714, CVE-2014-3715, CVE-2014-3716, CVE-2014-3717 / XSA-95
* tools: arm: remove code to check for a DTB appended to the kernel
- CVE-2014-3967,CVE-2014-3968 / XSA-96
* x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
- CVE-2014-3969 / XSA-98
* xen: arm: check permissions when copying to/from guest virtual
addresses
* xen: arm: ensure we hold a reference to guest pages while we copy
to/from them
- CVE-2014-4021 / XSA-100
* AMD IOMMU: don't free page table prematurely
* page-alloc: scrub pages used by hypervisor upon freeing
- CVE-2014-4022 / XSA-101
* xen: arm: initialise the grant_table_gpfn array on allocation
Date: 2014-07-09 11:59:23.859223+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/trusty/+source/xen/4.4.0-0ubuntu5.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list