[ubuntu/vivid-proposed] xen 4.5.0-1ubuntu3 (Accepted)

Stefan Bader stefan.bader at canonical.com
Thu Mar 12 13:55:15 UTC 2015 

xen (4.5.0-1ubuntu3) vivid; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-0268 / XSA-117
      * xen/arm: vgic-v2: Don't crash the hypervisor if the SGI
        target mode is invalid
    - CVE-2015-1563 / XSA-118
      * xen/arm: vgic: message in the emulation code should be
        rate-limited
    - CVE-2015-2152 / XSA-119
      * tools: libxl: Explicitly disable graphics backends on qemu
        cmdline
    - CVE-2015-2044 / XSA-121
      * x86/HVM: return all ones on wrong-sized reads of system device I/O
        ports
    - CVE-2015-2045 / XSA-122
      * pre-fill structures for certain HYPERVISOR_xen_version sub-ops
    - CVE-2015-2151 / XSA-123
      * x86emul: fully ignore segment override for register-only operations

Date: Wed, 04 Mar 2015 12:34:49 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xen/4.5.0-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 04 Mar 2015 12:34:49 +0100
Source: xen
Binary: libxen-4.5 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.5 xen-hypervisor-4.5-amd64 xen-system-amd64 xen-hypervisor-4.5-arm64 xen-system-arm64 xen-hypervisor-4.5-armhf xen-system-armhf xen-hypervisor-4.4-amd64 xen-hypervisor-4.4-armhf xen-hypervisor-4.4-arm64
Architecture: source
Version: 4.5.0-1ubuntu3
Distribution: vivid
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.5 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.4-amd64 - Transitional package for upgrade
 xen-hypervisor-4.4-arm64 - Transitional package for upgrade
 xen-hypervisor-4.4-armhf - Transitional package for upgrade
 xen-hypervisor-4.5-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.5-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.5-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.5 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Changes:
 xen (4.5.0-1ubuntu3) vivid; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2015-0268 / XSA-117
       * xen/arm: vgic-v2: Don't crash the hypervisor if the SGI
         target mode is invalid
     - CVE-2015-1563 / XSA-118
       * xen/arm: vgic: message in the emulation code should be
         rate-limited
     - CVE-2015-2152 / XSA-119
       * tools: libxl: Explicitly disable graphics backends on qemu
         cmdline
     - CVE-2015-2044 / XSA-121
       * x86/HVM: return all ones on wrong-sized reads of system device I/O
         ports
     - CVE-2015-2045 / XSA-122
       * pre-fill structures for certain HYPERVISOR_xen_version sub-ops
     - CVE-2015-2151 / XSA-123
       * x86emul: fully ignore segment override for register-only operations
Checksums-Sha1:
 f60143fe0952b92a9fcd64c6b5ae48844f17a792 3310 xen_4.5.0-1ubuntu3.dsc
 0c4e9061876bf1c4f58f4cbe5beb72def2d2de2e 63000 xen_4.5.0-1ubuntu3.debian.tar.xz
Checksums-Sha256:
 de08f43db73879fde37976e8ff35734f9d1bef422843525bd3055660cf0b1d06 3310 xen_4.5.0-1ubuntu3.dsc
 c950df5e6aca9f8cbd7f866af972d95e28880c8a4761c67f5273ac2184025bc0 63000 xen_4.5.0-1ubuntu3.debian.tar.xz
Files:
 9587c226cc20f1a61551a27a53527dbb 3310 kernel optional xen_4.5.0-1ubuntu3.dsc
 debe3c87605beb31fecfa89bab6e6771 63000 kernel optional xen_4.5.0-1ubuntu3.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVAZpyAAoJEOhnXe7L7s6j6pcQAJDC5wgC/Fdb2RwsZmcmVXqf
Aj9lQrx6yZALEzA6W+FWS+p51UvdPFnDQx377qLxI+d5UMNNwoaS/oHiku4AgVmr
n8pytoAoI4LSH8D6+BhhUSmRYfpIYnv4R/dIzCTvFQnu8StIptV9hA0YbN2dg9ev
LYi6izzFsN68coCp346BZh7gzK8lX+jgnzQREiWWTnqk/5weyqcCM+0qUNBuxteU
d20R1Z7E7ll9W2fRIQId9jXZ7bK5MKFAYKzrgUnEOFx3hHPUymqaVFq3khwRbE6A
R9qNdx1j2xWO/j+aU7mv4YjClwswGdm4vcuBCjZcGVAkxYG5Vki0hy2URVuMBXIn
98C3LZPGSiQA0pAun8W2s2d3iZF8BFS7k0VCmL1Sq5xTKipvAPI4+AS1yJqu6mx2
C+P45ruzL0PNVNAme5FNLQLwstlSqlMGPbFVkkqdVCPcDtcEeJjdAUDqT/wNuFp5
h5kG/FghG2nwfzKbiyX5/mRCzIi+ZeE8mBnMk3QAboFsoKQnkVocnAYMPkzqY3He
NQtcfWi2sNzf9rvZRF1a9Ex/jAjP3d+CnLQsjhs9VH3aub0sRn8gM7/B78a7cY/9
TR3uYzv4zYnlIetETqjk3mFOl1io3PLNt99iJiKS+2jujuVRQC+mHVb86J4DupcQ
RL6xvHytJy3WTq4HWBID
=aWda
-----END PGP SIGNATURE-----

More information about the Vivid-changes mailing list