Publishing details
Changelog
xen (4.6.5-0ubuntu1.4) xenial-security; urgency=medium
* Applying Xen Security Advisories:
- CVE-2017-14316 / XSA-231
- xen/mm: make sure node is less than MAX_NUMNODES
- CVE-2017-14318 / XSA-232
- grant_table: fix GNTTABOP_cache_flush handling
- CVE-2017-14317 / XSA-233
- tools/xenstore: dont unlink connection object twice
- CVE-2017-14319 / XSA-234
- gnttab: also validate PTE permissions upon destroy/replace
- XSA-235
- arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
- XSA-237
- x86: don't allow MSI pIRQ mapping on unowned device
- x86: enforce proper privilege when (un)mapping pIRQ-s
- x86/MSI: disallow redundant enabling
- x86/IRQ: conditionally preserve irq <-> pirq mapping on map error
paths
- x86/FLASK: fix unmap-domain-IRQ XSM hook
- XSA-238
- x86/ioreq server: correctly handle bogus
XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
- XSA-239
- x86/HVM: prefill partially used variable on emulation paths
- XSA-240
- x86: limit linear page table use to a single level
- x86/mm: Disable PV linear pagetables by default
- XSA-241
- x86: don't store possibly stale TLB flush time stamp
- XSA-242
- x86: don't allow page_unlock() to drop the last type reference
- XSA-243
- x86: Disable the use of auto-translated PV guestsx86: Disable the use
of auto-translated PV guests
- x86/shadow: Don't create self-linear shadow mappings for 4-level
translated guests
- XSA-244
- x86/cpu: Fix IST handling during PCPU bringup
- XSA-245
- xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
- xen/arm: Correctly report the memory region in the dummy NUMA helpers
xen (4.6.5-0ubuntu1.3) xenial-security; urgency=medium
* Applying Xen Security Advisories:
- XSA-226 / CVE-2017-12135
- gnttab: don't use possibly unbounded tail calls
- gnttab: fix transitive grant handling
- XSA-227 / CVE-2017-12137
- x86/grant: Disallow misaligned PTEs
- XSA-228 / CVE-2017-12136
- gnttab: split maptrack lock to make it fulfill its purpose again
- XSA-230 / CVE-2017-12855
- gnttab: correct pin status fixup for copy
-- Stefan Bader <email address hidden> Wed, 11 Oct 2017 15:41:03 +0200
Builds
Built packages
-
libxen-4.6
Public libs for Xen
-
libxen-4.6-dbgsym
debug symbols for package libxen-4.6
-
libxen-dev
Public headers and libs for Xen
-
libxenstore3.0
Xenstore communications library for Xen
-
libxenstore3.0-dbgsym
debug symbols for package libxenstore3.0
-
xen-hypervisor-4.4-amd64
Transitional package for upgrade
-
xen-hypervisor-4.4-arm64
Transitional package for upgrade
-
xen-hypervisor-4.4-armhf
Transitional package for upgrade
-
xen-hypervisor-4.5-amd64
Transitional package for upgrade
-
xen-hypervisor-4.5-arm64
Transitional package for upgrade
-
xen-hypervisor-4.5-armhf
Transitional package for upgrade
-
xen-hypervisor-4.6-amd64
Xen Hypervisor on AMD64
-
xen-hypervisor-4.6-arm64
Xen Hypervisor on ARM64
-
xen-hypervisor-4.6-armhf
Xen Hypervisor on ARMHF
-
xen-system-amd64
Xen System on AMD64 (meta-package)
-
xen-system-arm64
Xen System on ARM64 (meta-package)
-
xen-system-armhf
Xen System on ARMHF (meta-package)
-
xen-utils-4.6
XEN administrative tools
-
xen-utils-4.6-dbgsym
debug symbols for package xen-utils-4.6
-
xen-utils-common
Xen administrative tools - common files
-
xenstore-utils
Xenstore command line utilities for Xen
-
xenstore-utils-dbgsym
debug symbols for package xenstore-utils
Package files