xen (4.3.0-1ubuntu2) trusty; urgency=low * Applying Xen Security Advisories: - CVE-2013-1442 / XSA-62 * Information leak on AVX and/or LWP capable CPUs - CVE-2013-4355 / XSA-63 * Information leaks through I/O instruction emulation - CVE-2013-4356 / XSA-64 * Memory accessible by 64-bit PV guests under live migration - CVE-2013-4361 / XSA-66 Information leak through fbld instruction emulation - CVE-2013-4368 / XSA-67 * Information leak through outs instruction emulation - CVE-2013-4369 / XSA-68 * possible null dereference when parsing vif ratelimiting info - CVE-2013-4370 / XSA-69 * misplaced free in ocaml xc_vcpu_getaffinity stub - CVE-2013-4371 / XSA-70 * use-after-free in libxl_list_cpupool under memory pressure - CVE-2013-4416 / XSA-72 * ocaml xenstored mishandles oversized message replies - CVE-2013-4494 / XSA-73 * Lock order reversal between page allocation and grant table locks
Date: Tue, 05 Nov 2013 16:16:05 +0100 Changed-By: Stefan Bader <stefan.ba...@canonical.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com> https://launchpad.net/ubuntu/trusty/+source/xen/4.3.0-1ubuntu2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 Nov 2013 16:16:05 +0100 Source: xen Binary: libxen-4.3 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.3 xen-hypervisor-4.3-amd64 xen-system-amd64 xen-hypervisor-4.3-armhf xen-system-armhf Architecture: source Version: 4.3.0-1ubuntu2 Distribution: trusty Urgency: low Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Stefan Bader <stefan.ba...@canonical.com> Description: libxen-4.3 - Public libs for Xen libxen-dev - Public headers and libs for Xen libxen-ocaml - OCaml libraries for controlling Xen libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package) libxenstore3.0 - Xenstore communications library for Xen xen-hypervisor-4.3-amd64 - Xen Hypervisor on AMD64 xen-hypervisor-4.3-armhf - Xen Hypervisor on Arm v7/v8 xen-system-amd64 - Xen System on AMD64 (meta-package) xen-system-armhf - Xen System on Arm v7/v8 (meta-package) xen-utils-4.3 - XEN administrative tools xen-utils-common - Xen administrative tools - common files xenstore-utils - Xenstore utilities for Xen Changes: xen (4.3.0-1ubuntu2) trusty; urgency=low . * Applying Xen Security Advisories: - CVE-2013-1442 / XSA-62 * Information leak on AVX and/or LWP capable CPUs - CVE-2013-4355 / XSA-63 * Information leaks through I/O instruction emulation - CVE-2013-4356 / XSA-64 * Memory accessible by 64-bit PV guests under live migration - CVE-2013-4361 / XSA-66 Information leak through fbld instruction emulation - CVE-2013-4368 / XSA-67 * Information leak through outs instruction emulation - CVE-2013-4369 / XSA-68 * possible null dereference when parsing vif ratelimiting info - CVE-2013-4370 / XSA-69 * misplaced free in ocaml xc_vcpu_getaffinity stub - CVE-2013-4371 / XSA-70 * use-after-free in libxl_list_cpupool under memory pressure - CVE-2013-4416 / XSA-72 * ocaml xenstored mishandles oversized message replies - CVE-2013-4494 / XSA-73 * Lock order reversal between page allocation and grant table locks Checksums-Sha1: 3e5cfea3fc9ba727037397657929a6902070da3c 3031 xen_4.3.0-1ubuntu2.dsc 54a2a4d65f3d059e31c92b71da5e24ae51c24b38 74616 xen_4.3.0-1ubuntu2.debian.tar.gz Checksums-Sha256: 2acd26e9047b9580ea8998dc49f7accc0a598d89fb591e4f69edb7f2dbb2d037 3031 xen_4.3.0-1ubuntu2.dsc 6587a9beece4b2b6f94aec1be5db8e59bc1183da608c99ce06e6010d9382cc23 74616 xen_4.3.0-1ubuntu2.debian.tar.gz Files: 792ad5db75ed3c17bf62fdffed46ce08 3031 kernel optional xen_4.3.0-1ubuntu2.dsc 2d90c8d0d74e2378d141ba762a081ac1 74616 kernel optional xen_4.3.0-1ubuntu2.debian.tar.gz Original-Maintainer: Debian Xen Team <pkg-xen-de...@lists.alioth.debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBCgAGBQJSgijhAAoJEGVp2FWnRL6T8XQP/j4ax0nVvzlQGYqQWq+AiN3P ouciHQDfrbSP40mXZJGJVa2odKNzO6bNJMwgjSwV4z7zRJHhi5OjWvr5hs8ZEf71 fISIKnOM0/N5ld/mPz/Xtrf1GpM1GHvkP8Rw1wpronJpH1Bxl3PW6k6R0rJWQSzB yfYpwg2EIg9FNgtc4Nh7MbppVUaBhDP6hyzPnLD0gn5E/c4Fg5mVYxcuUQx7Ev+W VzpxQN1y6J1yEP4fUdDHS0nJMvnKHfhFgvx36C4MVZOHFEf4ELbZczg0BvQ0bvT7 pwC8W1MB+ulFI/M3Lom0+SGfVzjUbQTi0jE9K1WoYBnesX7NEBwySLLQcJUlvcVW kcwYsMhttEm4VgHI6tkADV0gQ42nXwJCB2ofMvoE3yyQTAQ557ojIessmeYbtCLc l5yleC0/yrHGKdkD74qfyTECmrQyAm6vpLlpDojYEst1IxWYkDQL6/MiW1DCL6he f5NIAQh1GvZDmOIL8aOheAeLCHOnXhCBD3ffbQMZAPeMaHkakrtWPRSptwzMmASM ghg3noZTFd4rzWYVXoiCVqVe+YwZQ1fnsVZPcmIQNJqTexnunR1P8eulR4a+jnaE OEmP6lU8di/jjL8QescOssAeWHE+KYLNBomCj2bH5K+QapAlKG7HnDHFpZdBk9Nw 1vbPnItEGeoGsxeVUkZh =g7ko -----END PGP SIGNATURE-----
-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes