[ubuntu/yakkety-security] xen 4.7.2-0ubuntu1.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon May 15 11:42:14 UTC 2017
xen (4.7.2-0ubuntu1.2) yakkety-security; urgency=low
* Applying Xen Security Advisories:
- XSA-206
* xenstored: apply a write transaction rate limit
* xenstored: Log when the write transaction rate limit bites
* oxenstored: comments explaining some variables
* oxenstored: handling of domain conflict-credit
* oxenstored: ignore domains with no conflict-credit
* oxenstored: add transaction info relevant to history-tracking
* oxenstored: support commit history tracking
* oxenstored: only record operations with side-effects in history
* oxenstored: discard old commit-history on txn end
* oxenstored: track commit history
* oxenstored: blame the connection that caused a transaction conflict
* oxenstored: allow self-conflicts
* oxenstored: do not commit read-only transactions
* oxenstored: don't wake to issue no conflict-credit
* oxenstored transaction conflicts: improve logging
* oxenstored: trim history in the frequent_ops function
- CVE-2017-7228 / XSA-212
* memory: properly check guest memory ranges in XENMEM_exchange handling
- XSA-213
* multicall: deal with early exit conditions
- XSA-214
* x86: discard type information when stealing pages
xen (4.7.2-0ubuntu1) yakkety; urgency=medium
* Rebasing to upstream stable release 4.7.2 (LP: #1672767)
https://www.xenproject.org/downloads/xen-archives/xen-47-series.html
- Includes fix for booting 4.10 Linux kernels in HVM guests on Intel
hosts which support the TSC_ADJUST MSR (LP: #1671760)
- Dropping: d/p/preup-tools-fix-linear-p2m-save.patch which is part
of the stable update.
- Additional security relevant changes:
* XSA-207
- memory leak when destroying guest without PT devices
- Replacing the following security fixes with the versions from the
stable update:
* CVE-2016-6258 / XSA-182
- x86: Privilege escalation in PV guests
* CVE-2016-6259 / XSA-183
- x86: Missing SMAP whitelisting in 32-bit exception / event delivery
* CVE-2016-7092 / XSA-185
- x86: Disallow L3 recursive pagetable for 32-bit PV guests
* CVE-2016-7093 / XSA-186
- x86: Mishandling of instruction pointer truncation during emulation
* CVE-2016-7094 / XSA-187
- x86 HVM: Overflow of sh_ctxt->seg_reg[]
* CVE-2016-7777 / XSA-190
- CR0.TS and CR0.EM not always honored for x86 HVM guests
* CVE-2016-9386 / XSA-191
- x86 null segments not always treated as unusable
* CVE-2016-9382 / XSA-192
- x86 task switch to VM86 mode mis-handled
* CVE-2016-9385 / XSA-193
- x86 segment base write emulation lacking canonical address checks
* CVE-2016-9384 / XSA-194
- guest 32-bit ELF symbol table load leaking host data
* CVE-2016-9383 / XSA-195
- x86 64-bit bit test instruction emulation broken
* CVE-2016-9377, CVE-2016-9378 / XSA-196
- x86 software interrupt injection mis-handled
* CVE-2016-9379, CVE-2016-9380 / XSA-198
- delimiter injection vulnerabilities in pygrub
* CVE-2016-9932 / XSA-200
- x86 CMPXCHG8B emulation fails to ignore operand size override
* CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201
- ARM guests may induce host asynchronous abort
* CVE-2016-10024 / XSA-202
- x86 PV guests may be able to mask interrupts
* CVE-2016-10025 / XSA-203
- x86: missing NULL pointer check in VMFUNC emulation
* CVE-2016-10013 / XSA-204
- x86: Mishandling of SYSCALL singlestep during emulation
* Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into
debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670).
Date: 2017-05-12 13:26:20.021367+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.7.2-0ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Yakkety-changes
mailing list