[ubuntu/trusty-updates] xen 4.4.2-0ubuntu0.14.04.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Sep 2 20:28:38 UTC 2015

xen (4.4.2-0ubuntu0.14.04.2) trusty-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-4103 / XSA-128
      * properly gate host writes of modified PCI CFG contents
    - CVE-2015-4104 / XSA-129
      * xen: don't allow guest to control MSI mask register
    - CVE-2015-4105 / XSA-130
      * xen/MSI-X: disable logging by default
    - CVE-2015-4106 / XSA-131
      * xen/MSI: don't open-code pass-through of enable bit modifications
      * xen/pt: consolidate PM capability emu_mask
      * xen/pt: correctly handle PM status bit
      * xen/pt: split out calculation of throughable mask in PCI config space
      * xen/pt: mark all PCIe capability bits read-only
      * xen/pt: mark reserved bits in PCI config space fields
      * xen/pt: add a few PCI config space field descriptions
      * xen/pt: unknown PCI config space fields should be read-only
    - CVE-2015-4163 / XSA-134
      * gnttab: add missing version check to GNTTABOP_swap_grant_ref handling
    - CVE-2015-3209 / XSA-135
      * pcnet: fix Negative array index read
      * pcnet: force the buffer access to be in bounds during tx
    - CVE-2015-4164 / XSA-136
      * x86/traps: loop in the correct direction in compat_iret()
    - CVE-2015-3259 / XSA-137
      * xl: Sane handling of extra config file arguments
    - CVE-2015-5154 / XSA-138
      * ide: Check array bounds before writing to io_buffer
      * ide: Clear DRQ after handling all expected accesses
    - CVE-2015-5165 / XSA-140
      * rtl8139: avoid nested ifs in IP header parsing
      * rtl8139: drop tautologous if (ip) {...} statement
      * rtl8139: skip offload on short Ethernet/IP header
      * rtl8139: check IP Header Length field
      * rtl8139: check IP Total Length field
      * rtl8139: skip offload on short TCP header
      * rtl8139: check TCP Data Offset field
    - CVE-2015-6654 / XSA-141
      * xen/arm: mm: Do not dump the p2m when mapping a foreign gfn

Date: 2015-09-02 17:53:17.556362+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list