xen (4.4.1-0ubuntu0.14.04.2) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-3495 / XSA-59
* VT-d: suppress UR signaling for further desktop chipsets
- CVE-2014-8594 / XSA-109
* x86: don't allow page table updates on non-PV page tables in
do_mmu_update()
- CVE-2014-8595 / XSA-110
* x86emul: enforce privilege level restrictions when loading CS
- CVE-2014-8866 / XSA-111
* x86: limit checks in hypercall_xlat_continuation() to actual arguments
- CVE-2014-8867 / XSA-112
* x86/HVM: confine internally handled MMIO to solitary regions
- CVE-2014-9030 / XSA-113
* x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE
xen (4.4.1-0ubuntu0.14.04.1) trusty; urgency=low
* Updating to lastest upstream stable release 4.4.1 (LP: #1390352)
- Replacing the following security changes by upstream versions:
* CVE-2013-3495 / XSA-59 (additional work-around),
CVE-2014-2599 / XSA-89, CVE-2014-3125 / XSA-91,
CVE-2014-3124 / XSA-92, CVE-2014-2915 / XSA-93,
CVE-2014-2986 / XSA-94,
CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717 / XSA-95,
CVE-2014-3967,CVE-2014-3968 / XSA-96, CVE-2014-3969 / XSA-98,
CVE-2014-4021 / XSA-100, CVE-2014-4022 / XSA-101,
CVE-2014-5147 / XSA-102, CVE-2014-5148 / XSA-103
- Dropped patches:
* upstream-25290:7a6dcecb1781-rework (stale)
* tools-flask-prefix.diff (stale)
* ubuntu-tools-hotplug-disable-xend-socket.patch (stale, duplicate)
- Refreshed patches:
* d/p/debian/patches/ubuntu-arm64-enablement.patch
Configure part fixed in Xen code. Duplicate defines for arm64 seem
to be avoided by later libc, so need to keep that worked-around in
Xen.
Date: 2014-11-26 14:04:07.024745+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.4.1-0ubuntu0.14.04.2
-------------- next part --------------
Sorry, changesfile not available.