[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#771575: unblock: xen/4.4.1-5

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock xen/4.4.1-5.  It fixes another bunch of security problems
and finishes a memory leak fix.

xen (4.4.1-5) unstable; urgency=medium

  * Fix excessive checks of hypercall arguments.
    CVE-2014-8866
  * Fix boundary checks of emulated MMIO access.
    CVE-2014-8867
  * Fix additional memory leaks in xl. (closes: #767295)

 -- Bastian Blank <waldi@debian.org>  Sun, 30 Nov 2014 20:13:32 +0100

xen (4.4.1-4) unstable; urgency=medium

  [ Bastian Blank ]
  * Make operations pre-emptible.
    CVE-2014-5146, CVE-2014-5149
  * Don't allow page table updates from non-PV page tables.
    CVE-2014-8594
  * Enforce privilege level while loading code segment.
    CVE-2014-8595
  * Fix reference counter leak.
    CVE-2014-9030
  * Use linux 3.16.0-4 stuff.
  * Fix memory leak in xl. (closes: #767295)

  [ Ian Campbell ]
  * Add licensing for tools/python/logging to debian/copyright.
    (Closes: #759384)
  * Correctly include xen-init-name in xen-utils-common. (Closes: #769543)
  * xen-utils recommends grub-xen-host package (Closes: #770460)

 -- Bastian Blank <waldi@debian.org>  Thu, 27 Nov 2014 20:17:36 +0100

unblock xen/4.4.1-5

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.17.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Reply to: