[ubuntu/trusty-security] xen 4.4.2-0ubuntu0.14.04.4 (Accepted)

[Marc Deslauriers]

xen (4.4.2-0ubuntu0.14.04.4) trusty-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-8550 / XSA-155
      * blkif: Avoid double access to src->nr_segments
      * xenfb: avoid reading twice the same fields from the shared page
      * xen: Add RING_COPY_REQUEST()
      * blktap2: Use RING_COPY_REQUEST
      * libvchan: Read prod/cons only once.
    - CVE-2015-8338 / XSA-158
      * memory: split and tighten maximum order permitted in memops
    - CVE-2015-8339, CVE-2015-8340 / XSA-159
      * memory: fix XENMEM_exchange error handling
    - CVE-2015-8341 / XSA-160
      * libxl: Fix bootloader-related virtual memory leak on pv
        build failure
    - CVE-2015-7504 / XSA-162
      * net: pcnet: add check to validate receive data size
    - CVE-2015-8554 / XSA-164
      * MSI-X: avoid array overrun upon MSI-X table writes
    - CVE-2015-8555 / XSA-165
      * x86: don't leak ST(n)/XMMn values to domains first using them
    - CVE-2015-???? / XSA-166
      * x86/HVM: avoid reading ioreq state more than once

Date: 2015-12-16 19:16:18.616878+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.4.2-0ubuntu0.14.04.4
-------------- next part --------------
Sorry, changesfile not available.