[ubuntu/trusty-updates] xen 4.4.2-0ubuntu0.14.04.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Sep 2 20:28:38 UTC 2015
xen (4.4.2-0ubuntu0.14.04.2) trusty-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2015-4103 / XSA-128
* properly gate host writes of modified PCI CFG contents
- CVE-2015-4104 / XSA-129
* xen: don't allow guest to control MSI mask register
- CVE-2015-4105 / XSA-130
* xen/MSI-X: disable logging by default
- CVE-2015-4106 / XSA-131
* xen/MSI: don't open-code pass-through of enable bit modifications
* xen/pt: consolidate PM capability emu_mask
* xen/pt: correctly handle PM status bit
* xen/pt: split out calculation of throughable mask in PCI config space
handling
* xen/pt: mark all PCIe capability bits read-only
* xen/pt: mark reserved bits in PCI config space fields
* xen/pt: add a few PCI config space field descriptions
* xen/pt: unknown PCI config space fields should be read-only
- CVE-2015-4163 / XSA-134
* gnttab: add missing version check to GNTTABOP_swap_grant_ref handling
- CVE-2015-3209 / XSA-135
* pcnet: fix Negative array index read
* pcnet: force the buffer access to be in bounds during tx
- CVE-2015-4164 / XSA-136
* x86/traps: loop in the correct direction in compat_iret()
- CVE-2015-3259 / XSA-137
* xl: Sane handling of extra config file arguments
- CVE-2015-5154 / XSA-138
* ide: Check array bounds before writing to io_buffer
* ide: Clear DRQ after handling all expected accesses
- CVE-2015-5165 / XSA-140
* rtl8139: avoid nested ifs in IP header parsing
* rtl8139: drop tautologous if (ip) {...} statement
* rtl8139: skip offload on short Ethernet/IP header
* rtl8139: check IP Header Length field
* rtl8139: check IP Total Length field
* rtl8139: skip offload on short TCP header
* rtl8139: check TCP Data Offset field
- CVE-2015-6654 / XSA-141
* xen/arm: mm: Do not dump the p2m when mapping a foreign gfn
Date: 2015-09-02 17:53:17.556362+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/xen/4.4.2-0ubuntu0.14.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list