[ubuntu/raring-proposed] xen 4.2.0-1ubuntu6 (Accepted)

Stefan Bader stefan.bader at canonical.com
Tue Feb 5 13:35:19 UTC 2013 

xen (4.2.0-1ubuntu6) raring; urgency=low

  * Applying Xen Security Advisory:
    - VT-d: fix interrupt remapping source validation for devices behind
      legacy bridges
      CVE-2012-5634 / XSA-33
    - x86_32: don't allow use of nested HVM
      CVE-2013-0151 / XSA-34
    - xen: Do not allow guests to enable nested HVM on themselves
      CVE-2013-0152 / XSA-35
    - ACPI: acpi_table_parse() should return handler's error code
      CVE-2013-0153 / XSA-36
    - oxenstored incorrect handling of certain Xenbus ring states
      CVE-2013-0215 / XSA-38
  * Applying qemu security fixes:
    - e1000: Discard packets that are too long if !SBP and !LPE
      CVE-2012-6075 / XSA-41
    - Discard packets longer than 16384 when !SBP to match the hardware
      behavior.
      CVE-2012-6075 / XSA-41
  * qemu-fix-librt-test.patch
    Fix build regression caused by glibc not requiring to link against
    librt for the clock_gettime function. Patch picked from xen-devel
    mailing list.
  * tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
    Add direct include to sys/types.h for xg_main.c which likely was
    indirectly done before. Needed to get ulong type definition.

Date: Tue, 29 Jan 2013 15:48:47 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/raring/+source/xen/4.2.0-1ubuntu6
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Jan 2013 15:48:47 +0100
Source: xen
Binary: xen-docs-4.2 libxen-4.2 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.2 xen-hypervisor-4.2-amd64 xen-system-amd64 xen-hypervisor-4.2-i386 xen-system-i386
Architecture: source
Version: 4.2.0-1ubuntu6
Distribution: raring
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description: 
 libxen-4.2 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxen-ocaml - OCaml libraries for controlling Xen
 libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
 libxenstore3.0 - Xenstore communications library for Xen
 xen-docs-4.2 - Documentation for Xen
 xen-hypervisor-4.2-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.2-i386 - Xen Hypervisor on i386
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-i386 - Xen System on i386 (meta-package)
 xen-utils-4.2 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore utilities for Xen
Changes: 
 xen (4.2.0-1ubuntu6) raring; urgency=low
 .
   * Applying Xen Security Advisory:
     - VT-d: fix interrupt remapping source validation for devices behind
       legacy bridges
       CVE-2012-5634 / XSA-33
     - x86_32: don't allow use of nested HVM
       CVE-2013-0151 / XSA-34
     - xen: Do not allow guests to enable nested HVM on themselves
       CVE-2013-0152 / XSA-35
     - ACPI: acpi_table_parse() should return handler's error code
       CVE-2013-0153 / XSA-36
     - oxenstored incorrect handling of certain Xenbus ring states
       CVE-2013-0215 / XSA-38
   * Applying qemu security fixes:
     - e1000: Discard packets that are too long if !SBP and !LPE
       CVE-2012-6075 / XSA-41
     - Discard packets longer than 16384 when !SBP to match the hardware
       behavior.
       CVE-2012-6075 / XSA-41
   * qemu-fix-librt-test.patch
     Fix build regression caused by glibc not requiring to link against
     librt for the clock_gettime function. Patch picked from xen-devel
     mailing list.
   * tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
     Add direct include to sys/types.h for xg_main.c which likely was
     indirectly done before. Needed to get ulong type definition.
Checksums-Sha1: 
 02e105112fd1f677c15b896542d729db0f21f734 3173 xen_4.2.0-1ubuntu6.dsc
 80c41e0ad9b397fc918822708284dfc6a723a596 79242 xen_4.2.0-1ubuntu6.debian.tar.gz
Checksums-Sha256: 
 8ccc20581880d494217a57ce96dea33dab676a9d4ccf7147b62b44b1f3157ee6 3173 xen_4.2.0-1ubuntu6.dsc
 276e2c4d3fc1219dc937adf2da0ee76c6a7c3df9bbdaa7b03280d7659a561bac 79242 xen_4.2.0-1ubuntu6.debian.tar.gz
Files: 
 cc1128170e9230221201a255bdfa2a02 3173 kernel optional xen_4.2.0-1ubuntu6.dsc
 cb0eb16dce154482856d41440543c553 79242 kernel optional xen_4.2.0-1ubuntu6.debian.tar.gz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJREQkuAAoJEGVp2FWnRL6TIHEP/jX0aF8C9jsiFSPjaN23bLPe
eSx/eLZRYZZqPRP8AIILem8tUveyhr1TvN17Q+VQ8lzjKLxEJBRvN82v4pdeE+cl
L3Sr9/TN3tVxh+M2tEcjV+cXkCiuSsuTTVB5YU/YONTGj3R+F3Y/BfnVhd360fz6
Ynbs3n9OhGwjNr4t6Imoq0G9/SKEYyimLzIPlSPHDBxXb5fYEQG/VXXh6AWZd0NW
URIviI9rOW5LZI5KKkoF9qdpEZm046Lh203gaBmuIjIZtgagn8kP5XvJetScXsdk
1Vqy68ju15Qp2t80Tq1NRA5J/U/WX3trtDp07Q4/uw24M3iM1MRQMC8bfy3meJBr
zWM7330fv7ruL7sfHxtQ1EWpd8/NZGJXgfky7bbU44U0bXifeQGq2m83++tmAKZN
MrgnILiPTWDg8c47CqJ2KAVkBo/wXkYNtrevi9t3SjkOc6ArlafPCknrVqmOAxJa
NjDDfjMy4bOWPOlpMMe7aEfaQ97Eg4dIbGvCTayXgF0Swd8LCaDJNuZrBde/5kAF
8CI8y5kU7RP4jylq9I8Re+1PnolndH8froK3Vh7M3r6R7Z6gYviPKZxG0gmfljdW
lZmDNYU4bLXMh0tyrZjG57QCjDHJ4PIFL2glsIDjs2FlauZxnfiw5CKw83xSBoA5
9pDZ1PFUra6hv+EZOXGI
=jSt3
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list