[ubuntu/xenial-proposed] xen 4.5.1-0ubuntu2 (Accepted)

Tue Nov 10 17:53:16 UTC 2015

xen (4.5.1-0ubuntu2) xenial; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-7311 / XSA-142
      * libxl: handle read-only drives with qemu-xen
    - CVE-2015-7812 / XSA-145
      * xen/arm: Support hypercall_create_continuation for multicall
    - CVE-2015-7813 / XSA-146
      * xen: arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.
    - CVE-2015-7814 / XSA-147
      * xen: arm: handle races between relinquish_memory and
        free_domheap_pages
    - CVE-2015-7835 / XSA-148
      * x86: guard against undue super page PTE creation
    - CVE-2015-7969 / XSA-149
      * xen: free domain's vcpu array
    - CVE-2015-7970 / XSA-150
      * x86/PoD: Eager sweep for zeroed pages
    - CVE-2015-7969 / XSA-151
      * xenoprof: free domain's vcpu array
    - CVE-2015-7971 / XSA-152
      * x86: rate-limit logging in do_xen{oprof,pmu}_op()
    - CVE-2015-7972 / XSA-153
      * libxl: adjust PoD target by memory fudge, too
    - CVE-2015-5307 / XSA-156
      * x86/HVM: always intercept #AC and #DB

Date: Tue, 03 Nov 2015 08:39:07 -0600
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.5.1-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 03 Nov 2015 08:39:07 -0600
Source: xen
Binary: libxen-4.5 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.5 xen-hypervisor-4.5-amd64 xen-system-amd64 xen-hypervisor-4.5-arm64 xen-system-arm64 xen-hypervisor-4.5-armhf xen-system-armhf xen-hypervisor-4.4-amd64 xen-hypervisor-4.4-armhf xen-hypervisor-4.4-arm64
Architecture: source
Version: 4.5.1-0ubuntu2
Distribution: xenial
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.5 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.4-amd64 - Transitional package for upgrade
 xen-hypervisor-4.4-arm64 - Transitional package for upgrade
 xen-hypervisor-4.4-armhf - Transitional package for upgrade
 xen-hypervisor-4.5-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.5-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.5-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.5 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Changes:
 xen (4.5.1-0ubuntu2) xenial; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2015-7311 / XSA-142
       * libxl: handle read-only drives with qemu-xen
     - CVE-2015-7812 / XSA-145
       * xen/arm: Support hypercall_create_continuation for multicall
     - CVE-2015-7813 / XSA-146
       * xen: arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.
     - CVE-2015-7814 / XSA-147
       * xen: arm: handle races between relinquish_memory and
         free_domheap_pages
     - CVE-2015-7835 / XSA-148
       * x86: guard against undue super page PTE creation
     - CVE-2015-7969 / XSA-149
       * xen: free domain's vcpu array
     - CVE-2015-7970 / XSA-150
       * x86/PoD: Eager sweep for zeroed pages
     - CVE-2015-7969 / XSA-151
       * xenoprof: free domain's vcpu array
     - CVE-2015-7971 / XSA-152
       * x86: rate-limit logging in do_xen{oprof,pmu}_op()
     - CVE-2015-7972 / XSA-153
       * libxl: adjust PoD target by memory fudge, too
     - CVE-2015-5307 / XSA-156
       * x86/HVM: always intercept #AC and #DB
Checksums-Sha1:
 6dde771edfd0e9bd378e31e3bd3a87dd9406ed25 3310 xen_4.5.1-0ubuntu2.dsc
 c703dca51619c6819923cacc81051d0d50f46ee0 69752 xen_4.5.1-0ubuntu2.debian.tar.xz
Checksums-Sha256:
 d9ef229112507bdeca12d42c0156c48f34768401e252b6407ff63c674afa7a3e 3310 xen_4.5.1-0ubuntu2.dsc
 e15b28ec653ac0fcc804b6522d071da01f6204f963a9d5c4ae7998a1d3eb388e 69752 xen_4.5.1-0ubuntu2.debian.tar.xz
Files:
 933e150d9aec27bb0f25642639866298 3310 kernel optional xen_4.5.1-0ubuntu2.dsc
 3a3bdcdb56a0e925b3a2c8c2ff79418d 69752 kernel optional xen_4.5.1-0ubuntu2.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWQi6TAAoJEGVp2FWnRL6Tx70P/0+jkXxxVWdMHmS56JgTmpAi
i4UO/kA4c+7R6Qs/nmruntKuu9HH7FGgC2kQtMryUiOURxGuzOXoYWYWXbxSHfAM
b/VtB8zye4VyJCPUg4TMDJfiV8OsYQ8K5b+6EQ8u1/2o5VxtFWpaRTo6V9/0elTT
Ab9JbzJqj98fVuwXHIccmxpmneNCFmoSlrQ06WYyn4YR9IRxxTEbOhsI/ToGk5MD
VUK+U6hZ7WOkw97kdRh8voYgNuMMegVFg7uYbZi5r5qtHloZ+JvxSfUf4w56Cli/
Xj9I4jtqOgaL9qpzr3qG2q/og/z6LOQtRm5bXCJ4iSPD+oQmVUfIMSZ4vGGisfXh
+vkqu0pDWjce3x4xDmDfayyMr4C8UoHL9mkOeYSLy0bthEj9LYv562drc16Vpcwa
xnECqHkZLrUu74KXqR6OobAbDr8G5kdTnNXn1XwRB3vdzpwGiA511Rl5dJ9o71al
BQdAe4Yt+YfHIO6SNJZzVi8NMDkJairI3RGuPzEuDYLdlIqNkRFGO7xbHL0te2aG
eaYE3+3az2SciTIyFiaPb6jGuK28dLpgdWCvxazFRZqdu6iFoMWoiDRfmJY0rJbZ
iIKaCO7jtntQ403JJ/1qitWyP85wPdYQv43IezxOe/jensQelHE1zDAUMFdxhC+n
5/2qWWRyYZvdsk1msJeN
=VlmH
-----END PGP SIGNATURE-----