xen (4.4.0-0ubuntu6) utopic; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-2599 / XSA-89
* x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
- CVE-2014-3125 / XSA-91
* xen/arm: Correctly save/restore CNTKCTL_EL1
- CVE-2014-3124 / XSA-92
* x86/HVM: restrict HVMOP_set_mem_type
- CVE-2014-2915 / XSA-93
* xen/arm: Inject an undefined instruction when the coproc/sysreg
is not handled
* xen/arm: Don't let the guest access the coprocessors registers
* xen/arm: Upgrade DCISW into DCCISW
* xen/arm: Trap cache and TCM lockdown registers
* xen/arm: Don't expose implementation defined registers (Cp15 c15)
to the guest
* xen/arm: Don't let guess access to Debug and Performance Monitor
registers
- CVE-2014-2986 / XSA-94
* xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
- CVE-2014-3714, CVE-2014-3715, CVE-2014-3716, CVE-2014-3717 / XSA-95
* tools: arm: remove code to check for a DTB appended to the kernel
- CVE-2014-3967,CVE-2014-3968 / XSA-96
* x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
- CVE-2014-3969 / XSA-98
* xen: arm: check permissions when copying to/from guest virtual
addresses
* xen: arm: ensure we hold a reference to guest pages while we copy
to/from them
- CVE-2014-4021 / XSA-100
* AMD IOMMU: don't free page table prematurely
* page-alloc: scrub pages used by hypervisor upon freeing
- CVE-2014-4022 / XSA-101
* xen: arm: initialise the grant_table_gpfn array on allocation
-- Stefan Bader <email address hidden> Mon, 23 Jun 2014 15:40:16 +0200
