[ubuntu/utopic-proposed] xen 4.4.0-0ubuntu6 (Accepted)

Stefan Bader stefan.bader at canonical.com
Wed Jul 9 11:59:15 UTC 2014 

xen (4.4.0-0ubuntu6) utopic; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2014-2599 / XSA-89
      * x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
    - CVE-2014-3125 / XSA-91
      * xen/arm: Correctly save/restore CNTKCTL_EL1
    - CVE-2014-3124 / XSA-92
      * x86/HVM: restrict HVMOP_set_mem_type
    - CVE-2014-2915 / XSA-93
      * xen/arm: Inject an undefined instruction when the coproc/sysreg
                 is not handled
      * xen/arm: Don't let the guest access the coprocessors registers
      * xen/arm: Upgrade DCISW into DCCISW
      * xen/arm: Trap cache and TCM lockdown registers
      * xen/arm: Don't expose implementation defined registers (Cp15 c15)
                 to the guest
      * xen/arm: Don't let guess access to Debug and Performance Monitor
                 registers
    - CVE-2014-2986 / XSA-94
      * xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
    - CVE-2014-3714, CVE-2014-3715,  CVE-2014-3716, CVE-2014-3717 / XSA-95
      * tools: arm: remove code to check for a DTB appended to the kernel
    - CVE-2014-3967,CVE-2014-3968 / XSA-96
      * x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
    - CVE-2014-3969 / XSA-98
      * xen: arm: check permissions when copying to/from guest virtual
                  addresses
      * xen: arm: ensure we hold a reference to guest pages while we copy
                  to/from them
    - CVE-2014-4021 / XSA-100
      * AMD IOMMU: don't free page table prematurely
      * page-alloc: scrub pages used by hypervisor upon freeing
    - CVE-2014-4022 / XSA-101
      * xen: arm: initialise the grant_table_gpfn array on allocation

Date: Mon, 23 Jun 2014 15:40:16 +0200
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/utopic/+source/xen/4.4.0-0ubuntu6
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 23 Jun 2014 15:40:16 +0200
Source: xen
Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-armhf xen-system-armhf xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.1-amd64 xen-hypervisor-4.1-i386 xen-hypervisor-4.3-amd64 xen-hypervisor-4.3-armhf
Architecture: source
Version: 4.4.0-0ubuntu6
Distribution: utopic
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.4 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxen-ocaml - OCaml libraries for controlling Xen
 libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.1-amd64 - Transitional package for upgrade
 xen-hypervisor-4.1-i386 - Transitional package for upgrade
 xen-hypervisor-4.3-amd64 - Transitional package for upgrade
 xen-hypervisor-4.3-armhf - Transitional package for upgrade
 xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.4-arm64 - Xen Hypervisor on Arm64
 xen-hypervisor-4.4-armhf - Xen Hypervisor on Arm v7/v8
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on Arm64 (meta-package)
 xen-system-armhf - Xen System on Arm  v7/v8 (meta-package)
 xen-utils-4.4 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore utilities for Xen
Changes:
 xen (4.4.0-0ubuntu6) utopic; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2014-2599 / XSA-89
       * x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
     - CVE-2014-3125 / XSA-91
       * xen/arm: Correctly save/restore CNTKCTL_EL1
     - CVE-2014-3124 / XSA-92
       * x86/HVM: restrict HVMOP_set_mem_type
     - CVE-2014-2915 / XSA-93
       * xen/arm: Inject an undefined instruction when the coproc/sysreg
                  is not handled
       * xen/arm: Don't let the guest access the coprocessors registers
       * xen/arm: Upgrade DCISW into DCCISW
       * xen/arm: Trap cache and TCM lockdown registers
       * xen/arm: Don't expose implementation defined registers (Cp15 c15)
                  to the guest
       * xen/arm: Don't let guess access to Debug and Performance Monitor
                  registers
     - CVE-2014-2986 / XSA-94
       * xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
     - CVE-2014-3714, CVE-2014-3715,  CVE-2014-3716, CVE-2014-3717 / XSA-95
       * tools: arm: remove code to check for a DTB appended to the kernel
     - CVE-2014-3967,CVE-2014-3968 / XSA-96
       * x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
     - CVE-2014-3969 / XSA-98
       * xen: arm: check permissions when copying to/from guest virtual
                   addresses
       * xen: arm: ensure we hold a reference to guest pages while we copy
                   to/from them
     - CVE-2014-4021 / XSA-100
       * AMD IOMMU: don't free page table prematurely
       * page-alloc: scrub pages used by hypervisor upon freeing
     - CVE-2014-4022 / XSA-101
       * xen: arm: initialise the grant_table_gpfn array on allocation
Checksums-Sha1:
 37a50082fe90899ffa5fdb1e917fa96d81408d32 3779 xen_4.4.0-0ubuntu6.dsc
 38c38ea0e6799d4f1112baf81bd8b99a739e6481 74476 xen_4.4.0-0ubuntu6.debian.tar.xz
Checksums-Sha256:
 22dcb49c9b84275d74f3827d36abdb99abd66ed16c7c168dd17bce42bce78c7e 3779 xen_4.4.0-0ubuntu6.dsc
 78622127e8e6d9a914110349b5b5a9ea5d773aa4a7e7ddd93b35825fd730f9af 74476 xen_4.4.0-0ubuntu6.debian.tar.xz
Files:
 02aa354b70b98f7368a29b35b1976ec0 3779 kernel optional xen_4.4.0-0ubuntu6.dsc
 1b5288c293f06e53f5076d9abb72aa5f 74476 kernel optional xen_4.4.0-0ubuntu6.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJTvS3zAAoJEGVp2FWnRL6TsF8P/3gJPenTdP5zXMJPaQnw0YFF
YSaj65Lyg84TsGoKjWYuTDVL3oYyX+b8HqsFcSXyPgq5aV65IPFhp3pG7CfjJHEv
qfjCFghRxxmr3VXXxcb11aMiO62/fA7OBF/Zwa5XKdjF6zL8f6K1N7H1+OTb2rtn
19Ygz+rdgKNN6JGiip9NHI6j2+l3ny3HRRIl48yQ2fXEvkZBEhgrV9m058pyF1BG
uv5t7Cg6n7hqQQL49bgfl28AXPlSsJ9T1u52ynv9FleyyBSY1CRPGK2Y0ksy3fjG
HTSIQAZ63+IAizHKTqrYMaMFU955y7WNawUPRetz492Tq+CgbIkE5AEnzrglXrkw
w5p12GHpzk3SehIItZojtoYXHAsDFK7fcv5dnEn5Soag3rA2Rs5Mqvjfu8gXa3cs
pfKdAbiVws7BmruiUEqS70y2JmiMpyOekidFNG99+v5V2Q/4DiXEY2nSXk5biipR
7WxW6U7FqaqJK1tFRHw6TtrL/ix4wZL65PXYJz+PRGoKOxjwaXVyerN9OSDO+4oC
u8CduJIPKoIkjCyRhnpO3zb/L5iQMKN3FpklUikEb2RQboge4TJcVb7DFnPZ4YyA
ngG7ZWDJyemL1NAveLR4RgLmwgi+MSrhDIua4rsHspEqtXWgmCCX07o7W/7ObQ4T
WH/I4MtyJJ5M9Se+tVkO
=rA+b
-----END PGP SIGNATURE-----

More information about the Utopic-changes mailing list