[ubuntu/xenial-proposed] xen 4.6.0-1ubuntu2 (Accepted)

Stefan Bader stefan.bader at canonical.com
Thu Dec 17 12:59:14 UTC 2015 

xen (4.6.0-1ubuntu2) xenial; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-8550 / XSA-155
      * xen: Add RING_COPY_REQUEST()
      * blktap2: Use RING_COPY_REQUEST
      * libvchan: Read prod/cons only once.
    - CVE-2015-8338 / XSA-158
      * memory: split and tighten maximum order permitted in memops
    - CVE-2015-8339, CVE-2015-8340 / XSA-159
      * memory: fix XENMEM_exchange error handling
    - CVE-2015-8341 / XSA-160
      * libxl: Fix bootloader-related virtual memory leak on pv
        build failure
    - CVE-2015-8555 / XSA-165
      * x86: don't leak ST(n)/XMMn values to domains first using them
    - CVE-2015-???? / XSA-166
      * x86/HVM: avoid reading ioreq state more than once

Date: Wed, 16 Dec 2015 12:06:10 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xen/4.6.0-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 16 Dec 2015 12:06:10 +0100
Source: xen
Binary: libxen-4.6 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.6 xen-hypervisor-4.6-amd64 xen-system-amd64 xen-hypervisor-4.6-arm64 xen-system-arm64 xen-hypervisor-4.6-armhf xen-system-armhf xen-hypervisor-4.4-amd64 xen-hypervisor-4.4-armhf xen-hypervisor-4.4-arm64 xen-hypervisor-4.5-amd64 xen-hypervisor-4.5-armhf xen-hypervisor-4.5-arm64
Architecture: source
Version: 4.6.0-1ubuntu2
Distribution: xenial
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
 libxen-4.6 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.4-amd64 - Transitional package for upgrade
 xen-hypervisor-4.4-arm64 - Transitional package for upgrade
 xen-hypervisor-4.4-armhf - Transitional package for upgrade
 xen-hypervisor-4.5-amd64 - Transitional package for upgrade
 xen-hypervisor-4.5-arm64 - Transitional package for upgrade
 xen-hypervisor-4.5-armhf - Transitional package for upgrade
 xen-hypervisor-4.6-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.6-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.6-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.6 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Changes:
 xen (4.6.0-1ubuntu2) xenial; urgency=low
 .
   * Applying Xen Security Advisories:
     - CVE-2015-8550 / XSA-155
       * xen: Add RING_COPY_REQUEST()
       * blktap2: Use RING_COPY_REQUEST
       * libvchan: Read prod/cons only once.
     - CVE-2015-8338 / XSA-158
       * memory: split and tighten maximum order permitted in memops
     - CVE-2015-8339, CVE-2015-8340 / XSA-159
       * memory: fix XENMEM_exchange error handling
     - CVE-2015-8341 / XSA-160
       * libxl: Fix bootloader-related virtual memory leak on pv
         build failure
     - CVE-2015-8555 / XSA-165
       * x86: don't leak ST(n)/XMMn values to domains first using them
     - CVE-2015-???? / XSA-166
       * x86/HVM: avoid reading ioreq state more than once
Checksums-Sha1:
 52e0e34e499956b9d2269cf3f69441aefd3fe1c1 3584 xen_4.6.0-1ubuntu2.dsc
 7fa6618c5a515e43079562729480660113c11624 74492 xen_4.6.0-1ubuntu2.debian.tar.xz
Checksums-Sha256:
 1494b92cd4540501b71cc512c20eac2763a5cc97eee0976e8826cfcdeb3edc80 3584 xen_4.6.0-1ubuntu2.dsc
 dead70fb7b2bbd330e0f753296d1e0a8482ad625e89cd8601c2b0b3e1ea6c878 74492 xen_4.6.0-1ubuntu2.debian.tar.xz
Files:
 23ec3757d332c56c53e1829864a8927f 3584 kernel optional xen_4.6.0-1ubuntu2.dsc
 9276cc0ac75e70df1d86d410b98b1585 74492 kernel optional xen_4.6.0-1ubuntu2.debian.tar.xz
Original-Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWcnqYAAoJEOhnXe7L7s6jBMUQAJgymVkcsRKLhIySr3aIrllK
mVYHktBf+j5Pm0i5hNB878QuUfso0/fhZ99EK31Rr9HCGn1ZUvTBdCgT/M8dekew
R+y0vMjDEQ5d73Koafiz5a43bcn5VnAMQim84Cf3dXNqK8fUeqzg5e1Lm1J2ZqWt
LBIyjcsOJN4zOi7GXQ+UbzjEAn5FAldLrOAiq7vArC+kVo5govOz7gIJFSs1pGY+
b60XUoN6QOoCN77m4xyWuKSyJ0OZkC/up4OIHytNlK5Rkhqjt0ZuLztBxELmzKUK
NTNySqgpGEXb2YsIwWqxVqfdJ3IcO0euOnlTurY9+Kq007K2YmtkEsPWkC2fgxaw
hXGJbv6d3EaPC8yWAvjV8rAM0tyfauj1e9ZVKe5D2uK2FIXAufIeau9JAstfqLZS
dF2o3/6Pq4Xt/VT7cKmN1fLH3ixy7lKzifHbEwtr9/9FlFz4RGc/9d4bGlrOjPCH
6MXE0p6/63zgL2KbCINXx0QhDw7jEedIdcGKnmTCpJ4hz7ZmfZ2zosBBeRII7LZR
s/y0YsVCKp2ZJHi9mUs8cYndT3IEGvCx8GtHiNX4TllgGYd9Qb5QsABL+jR+kCzr
63cISCmKctiH9HXUZ4PsE1eL2SY6Mf+ihNgTGHi2ITiZ8vQmtkDQYs9xC2if8GJj
m4GsTWrhe16oD4mw6dn3
=5Fl3
-----END PGP SIGNATURE-----

More information about the Xenial-changes mailing list