Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Moritz Muehlenhoff Thu, 04 May 2017 09:57:23 -0700

On Thu, May 04, 2017 at 05:06:07PM +0100, Ian Jackson wrote:
> Ian Jackson writes ("64bit PV guest breakout [XSA-213]"):
> > Source: xen
> > Version: 4.4.1-9
> > Severity: important
> > Tags: security upstream fixed-upstream
> > 
> > See
> >   https://xenbits.xen.org/xsa/advisory-213.html
> 
> Ian Jackson writes ("grant transfer allows PV guest to elevate privileges 
> [XSA-214]"):
> > Source: xen
> > Version: 4.4.1-9
> > Severity: important
> > Tags: security upstream fixed-upstream
> > 
> > See
> >   https://xenbits.xen.org/xsa/advisory-214.html
> 
> I have fixed these in stretch but the jessie package remains unfixed.
> I think I may be able to find some backports somewhere.  Would that be
> useful ?  Is anyone else working on this ?


Yes, please!

Cheers,
        Moritz

Bug#861659: Xen package security updates for jessie 4.4, XSA-213, XSA-214

Reply via email to