[ubuntu/yakkety-proposed] xen 4.6.0-1ubuntu5 (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Jun 14 10:38:27 UTC 2016
xen (4.6.0-1ubuntu5) yakkety; urgency=low
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Do not trust frontend for channel in list
* libxl: Do not trust frontend for channel in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Make copy of every xs backend in /libxl in _generic_add
* libxl: Do not trust backend in libxl__device_exists
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Do not trust backend for channel in getinfo
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Do not trust backend in channel list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
Date: Tue, 07 Jun 2016 16:30:19 +0200
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xen/4.6.0-1ubuntu5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 07 Jun 2016 16:30:19 +0200
Source: xen
Binary: libxen-4.6 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.6 xen-hypervisor-4.6-amd64 xen-system-amd64 xen-hypervisor-4.6-arm64 xen-system-arm64 xen-hypervisor-4.6-armhf xen-system-armhf xen-hypervisor-4.4-amd64 xen-hypervisor-4.4-armhf xen-hypervisor-4.4-arm64 xen-hypervisor-4.5-amd64 xen-hypervisor-4.5-armhf xen-hypervisor-4.5-arm64
Architecture: source
Version: 4.6.0-1ubuntu5
Distribution: yakkety
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
libxen-4.6 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Transitional package for upgrade
xen-hypervisor-4.4-arm64 - Transitional package for upgrade
xen-hypervisor-4.4-armhf - Transitional package for upgrade
xen-hypervisor-4.5-amd64 - Transitional package for upgrade
xen-hypervisor-4.5-arm64 - Transitional package for upgrade
xen-hypervisor-4.5-armhf - Transitional package for upgrade
xen-hypervisor-4.6-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.6-arm64 - Xen Hypervisor on ARM64
xen-hypervisor-4.6-armhf - Xen Hypervisor on ARMHF
xen-system-amd64 - Xen System on AMD64 (meta-package)
xen-system-arm64 - Xen System on ARM64 (meta-package)
xen-system-armhf - Xen System on ARMHF (meta-package)
xen-utils-4.6 - XEN administrative tools
xen-utils-common - Xen administrative tools - common files
xenstore-utils - Xenstore command line utilities for Xen
Changes:
xen (4.6.0-1ubuntu5) yakkety; urgency=low
.
* Applying Xen Security Advisories:
- CVE-2016-3158, CVE-2016-3159 / XSA-172
* x86: fix information leak on AMD CPUs
- CVE-2016-3960 / XSA-173
* x86: limit GFNs to 32 bits for shadowed superpages.
- CVE-2016-4962 / XSA-175
* libxl: Record backend/frontend paths in /libxl/$DOMID
* libxl: Provide libxl__backendpath_parse_domid
* libxl: Do not trust frontend in libxl__devices_destroy
* libxl: Do not trust frontend in libxl__device_nextid
* libxl: Do not trust frontend for disk eject event
* libxl: Do not trust frontend for disk in getinfo
* libxl: Do not trust frontend for vtpm list
* libxl: Do not trust frontend for vtpm in getinfo
* libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
* libxl: Do not trust frontend for nic in getinfo
* libxl: Do not trust frontend for channel in list
* libxl: Do not trust frontend for channel in getinfo
* libxl: Cleanup: Have libxl__alloc_vdev use /libxl
* libxl: Document ~/serial/ correctly
- CVE-2016-4480 / XSA-176
* x86/mm: fully honor PS bits in guest page table walks
- CVE-2016-4963 / XSA-178
* libxl: Make copy of every xs backend in /libxl in _generic_add
* libxl: Do not trust backend in libxl__device_exists
* libxl: Do not trust backend for vtpm in getinfo (except uuid)
* libxl: Do not trust backend for vtpm in getinfo (uuid)
* libxl: cdrom eject and insert: write to /libxl
* libxl: Do not trust backend for disk eject vdev
* libxl: Do not trust backend for disk; fix driver domain disks list
* libxl: Do not trust backend for disk in getinfo
* libxl: Do not trust backend for cdrom insert
* libxl: Do not trust backend for channel in getinfo
* libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
* libxl: Rename READ_BACKEND to READ_LIBXLDEV
* libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
* libxl: Do not trust backend in nic getinfo
* libxl: Do not trust backend for nic in devid_to_device
* libxl: Do not trust backend for nic in list
* libxl: Do not trust backend in channel list
* libxl: Cleanup: use libxl__backendpath_parse_domid in
libxl__device_disk_from_xs_be
* libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
- CVE-2016-5242 / XSA-181
* xen/arm: Don't free p2m->first_level in p2m_teardown() before
it has been allocated
Checksums-Sha1:
d611423d513fea0f426eaba612db795437c49831 3587 xen_4.6.0-1ubuntu5.dsc
377461ceebdbdf38a03fcb1a11cdb8809315d45e 101964 xen_4.6.0-1ubuntu5.debian.tar.xz
Checksums-Sha256:
3f04ba44fa988fbb79a713379296dd980d1c5e4860f913f0f6e09fb391b46d04 3587 xen_4.6.0-1ubuntu5.dsc
4e325da749b12e5f588240958c4d52ef85a86e182216770508f17b8d6269d2e1 101964 xen_4.6.0-1ubuntu5.debian.tar.xz
Files:
6a891f537dfe085e5a2fe570a26b6c6e 3587 kernel optional xen_4.6.0-1ubuntu5.dsc
946020256b3f8565fbf1f1410312b24b 101964 kernel optional xen_4.6.0-1ubuntu5.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJXX8U7AAoJEOhnXe7L7s6jOJ4QAMnUw6iqkPoPgdH3QrG68bBv
brW5b8uEd5PXgbL+HOLOR6PFTgEJfpIjndoMX7DppYE9MvR9+UQ9NCMDsC+QsSb+
9h2+L9NSDl57akPQjdFYuuhq+DZ1+2+QY+2GTas9/6Ft1AgFsW55lSg5A4916Rg7
ZGA4SRUnggy6JmBBtBbN3c2ZXkdcMBTpNSi7wPCVLRf498sU0aTQZmKGvUVXDeUY
tk1ptdl+qvcEGRU5IgOGXJnXvSNZox6uOc+kbXEKi8eghUccQtqht+e9LIEvoY16
5UY1pMG69T946kEPA/Yd0tsW1nIlIeKpNEo27HWKp3oKM4x7z9HF1ViH+yHVj6Cq
9GbbLjSJy/vVCQF8fm76mb5UsIIlqUOIzlRJSp+2JlNGg+vh57J+GfUmJuAx3hO5
60jrnp0zOgp8Ppiq0PRgreGp1ltlrdaFDr2f+PrfxnTnmkU9r05hx3n/FbgmboIj
URQO9Blhxj+0IHaB3cgMg+6dN92PmQjcim7N2Mm/aXQS1LKtdaH8l4iD6hen82iQ
yFTkJzAoAZ+++UdAVVBS+V8bGMzarYB6o4luiTzk3xF/jT+e0K5azUuEi+OQ5lOi
b4VFVeajFpBTykldAmScYgvgoVCp494wfuSplNqGE3Z0kd97LAj6+ieUbTindF+a
FxmMM/UpsYgEG/K2b2qf
=Rg+B
-----END PGP SIGNATURE-----
More information about the Yakkety-changes
mailing list