[ubuntu/yakkety-proposed] xen 4.7.2-0ubuntu1 (Accepted)

Stefan Bader stefan.bader at canonical.com
Thu Mar 16 17:28:20 UTC 2017


xen (4.7.2-0ubuntu1) yakkety; urgency=medium

  * Rebasing to upstream stable release 4.7.2 (LP: #1672767)
    https://www.xenproject.org/downloads/xen-archives/xen-47-series.html
    - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel
      hosts which support the TSC_ADJUST MSR (LP: #1671760)
    - Dropping: d/p/preup-tools-fix-linear-p2m-save.patch which is part
      of the stable update.
    - Additional security relevant changes:
      * XSA-207
        - memory leak when destroying guest without PT devices
    - Replacing the following security fixes with the versions from the
      stable update:
      * CVE-2016-6258 / XSA-182
        - x86: Privilege escalation in PV guests
      * CVE-2016-6259 / XSA-183
        - x86: Missing SMAP whitelisting in 32-bit exception / event delivery
      * CVE-2016-7092 / XSA-185
        - x86: Disallow L3 recursive pagetable for 32-bit PV guests
      * CVE-2016-7093 / XSA-186
        - x86: Mishandling of instruction pointer truncation during emulation
      * CVE-2016-7094 / XSA-187
        - x86 HVM: Overflow of sh_ctxt->seg_reg[]
      * CVE-2016-7777 / XSA-190
        - CR0.TS and CR0.EM not always honored for x86 HVM guests
      * CVE-2016-9386 / XSA-191
        - x86 null segments not always treated as unusable
      * CVE-2016-9382 / XSA-192
        - x86 task switch to VM86 mode mis-handled
      * CVE-2016-9385 / XSA-193
        - x86 segment base write emulation lacking canonical address checks
      * CVE-2016-9384 / XSA-194
        - guest 32-bit ELF symbol table load leaking host data
      * CVE-2016-9383 / XSA-195
        - x86 64-bit bit test instruction emulation broken
      * CVE-2016-9377, CVE-2016-9378 / XSA-196
        - x86 software interrupt injection mis-handled
      * CVE-2016-9379, CVE-2016-9380 / XSA-198
        - delimiter injection vulnerabilities in pygrub
      * CVE-2016-9932 / XSA-200
        - x86 CMPXCHG8B emulation fails to ignore operand size override
      * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201
        - ARM guests may induce host asynchronous abort
      * CVE-2016-10024 / XSA-202
        - x86 PV guests may be able to mask interrupts
      * CVE-2016-10025 / XSA-203
        - x86: missing NULL pointer check in VMFUNC emulation
      * CVE-2016-10013 / XSA-204
        - x86: Mishandling of SYSCALL singlestep during emulation
  * Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into
    debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670).

Date: Tue, 14 Mar 2017 15:45:59 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xen/4.7.2-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 14 Mar 2017 15:45:59 +0100
Source: xen
Binary: libxen-4.7 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.7 xen-hypervisor-4.7-amd64 xen-system-amd64 xen-hypervisor-4.7-arm64 xen-system-arm64 xen-hypervisor-4.7-armhf xen-system-armhf xen-hypervisor-4.6-amd64 xen-hypervisor-4.6-armhf xen-hypervisor-4.6-arm64
Architecture: source
Version: 4.7.2-0ubuntu1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.7 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.6-amd64 - Transitional package for upgrade
 xen-hypervisor-4.6-arm64 - Transitional package for upgrade
 xen-hypervisor-4.6-armhf - Transitional package for upgrade
 xen-hypervisor-4.7-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.7-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.7-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.7 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Launchpad-Bugs-Fixed: 1396670 1671760 1672767
Checksums-Sha1:
 9298d0f6282a0bacff4c484717cff5e83502b1a0 3327 xen_4.7.2-0ubuntu1.dsc
 0f286feaf7c395c94d6c317ac74f6787636faed0 3959808 xen_4.7.2.orig.tar.xz
 7497ca99f9c2769626f691beead9468747702244 63688 xen_4.7.2-0ubuntu1.debian.tar.xz
Checksums-Sha256:
 d0cdaa7769dca12978f7c7760597f15f8f8ac0bb226ff9ff8b391649d6f15f76 3327 xen_4.7.2-0ubuntu1.dsc
 68a6b04028f947e56b986b080518cec118240c012bfb82636410b804d0950316 3959808 xen_4.7.2.orig.tar.xz
 737bea9c242abc058a196dbf00a28ea1a2737db4bafa0ecaf3ebeb9ae6045865 63688 xen_4.7.2-0ubuntu1.debian.tar.xz
Files:
 25271c7c08b73051e9cb2547635d0b1f 3327 kernel optional xen_4.7.2-0ubuntu1.dsc
 16b0f0bfdb6f7904fd1a08f33dc2c725 3959808 kernel optional xen_4.7.2.orig.tar.xz
 d5a0c14122be328a3d382ac6010944c6 63688 kernel optional xen_4.7.2-0ubuntu1.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

