Ubuntu
xen package

xen 4.6.0-1ubuntu4.1 source package in Ubuntu

Changelog

xen (4.6.0-1ubuntu4.1) xenial-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-3158, CVE-2016-3159 / XSA-172
      * x86: fix information leak on AMD CPUs
    - CVE-2016-3960 / XSA-173
      * x86: limit GFNs to 32 bits for shadowed superpages.
    - CVE-2016-4962 / XSA-175
      * libxl: Record backend/frontend paths in /libxl/$DOMID
      * libxl: Provide libxl__backendpath_parse_domid
      * libxl: Do not trust frontend in libxl__devices_destroy
      * libxl: Do not trust frontend in libxl__device_nextid
      * libxl: Do not trust frontend for disk eject event
      * libxl: Do not trust frontend for disk in getinfo
      * libxl: Do not trust frontend for vtpm list
      * libxl: Do not trust frontend for vtpm in getinfo
      * libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
      * libxl: Do not trust frontend for nic in getinfo
      * libxl: Do not trust frontend for channel in list
      * libxl: Do not trust frontend for channel in getinfo
      * libxl: Cleanup: Have libxl__alloc_vdev use /libxl
      * libxl: Document ~/serial/ correctly
    - CVE-2016-4480 / XSA-176
      * x86/mm: fully honor PS bits in guest page table walks
    - CVE-2016-4963 / XSA-178
      * libxl: Make copy of every xs backend in /libxl in _generic_add
      * libxl: Do not trust backend in libxl__device_exists
      * libxl: Do not trust backend for vtpm in getinfo (except uuid)
      * libxl: Do not trust backend for vtpm in getinfo (uuid)
      * libxl: cdrom eject and insert: write to /libxl
      * libxl: Do not trust backend for disk eject vdev
      * libxl: Do not trust backend for disk; fix driver domain disks list
      * libxl: Do not trust backend for disk in getinfo
      * libxl: Do not trust backend for cdrom insert
      * libxl: Do not trust backend for channel in getinfo
      * libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
      * libxl: Rename READ_BACKEND to READ_LIBXLDEV
      * libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
      * libxl: Do not trust backend in nic getinfo
      * libxl: Do not trust backend for nic in devid_to_device
      * libxl: Do not trust backend for nic in list
      * libxl: Do not trust backend in channel list
      * libxl: Cleanup: use libxl__backendpath_parse_domid in
               libxl__device_disk_from_xs_be
      * libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
    - CVE-2016-5242 / XSA-181
      * xen/arm: Don't free p2m->first_level in p2m_teardown() before
                 it has been allocated

 -- Stefan Bader <email address hidden>  Wed, 01 Jun 2016 11:10:47 +0200

Upload details

Uploaded by:
Stefan Bader
Sponsored by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
amd64 arm64 armhf i386 all
Section:
kernel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
xen_4.6.0.orig.tar.xz 3.4 MiB 6a779d3d58af3d25ac8a0724b0688a5ccf1b1badb7cedecba8ee6ed98bd91a0b
xen_4.6.0-1ubuntu4.1.debian.tar.xz 99.7 KiB 22d40c4a15a5ee243aa2bece53a021746e2f18bb2116de3264d222a3aa3f201a
xen_4.6.0-1ubuntu4.1.dsc 3.5 KiB edc84f93fceb3ad4a74b8ea448ce2f6b9a5f06c706a24463c3bfbe92134cfdf2

View changes file

Binary packages built by this source

libxen-4.6: Public libs for Xen

 This package contains the shared toolstack libraries for Xen.

libxen-4.6-dbgsym: debug symbols for package libxen-4.6

 This package contains the shared toolstack libraries for Xen.

libxen-dev: Public headers and libs for Xen

 This package contains the public headers and static libraries for Xen.
 .
 The libxenlight library is intended as a common base for all Xen toolstack
 developers. The libxlutil library contains additional helpers which may
 be useful to toolstack developers.
 .
 The libxenstore library allows userspace processes to interact with the
 XenStore database. XenStore is a shared database used for interdomain
 communication of configuration and status information. It is accessible
 to all domains running on the same Xen host. See
 http://wiki.xen.org/wiki/XenStore for more information.
 .
 The libxenctrl and libxenguest libraries are internal libraries intended
 for use by the Xen toolstack and are not intended to be used directly.
 Toolstack authors should use libxenlight.

libxenstore3.0: Xenstore communications library for Xen

 This package contains the client library interface to XenStore. .

libxenstore3.0-dbgsym: debug symbols for package libxenstore3.0

 This package contains the client library interface to XenStore. .

xen-hypervisor-4.4-amd64: Transitional package for upgrade
xen-hypervisor-4.4-arm64: Transitional package for upgrade
xen-hypervisor-4.4-armhf: Transitional package for upgrade
xen-hypervisor-4.5-amd64: Transitional package for upgrade
xen-hypervisor-4.5-arm64: Transitional package for upgrade
xen-hypervisor-4.5-armhf: Transitional package for upgrade
xen-hypervisor-4.6-amd64: Xen Hypervisor on AMD64

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-hypervisor-4.6-arm64: Xen Hypervisor on ARM64

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-hypervisor-4.6-armhf: Xen Hypervisor on ARMHF

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-system-amd64: Xen System on AMD64 (meta-package)

 This package depends on the latest Xen hypervisor for use on AMD64 and the
 Xen utils.

xen-system-arm64: Xen System on ARM64 (meta-package)

 This package depends on the latest Xen hypervisor for use on ARM64 and the
 Xen utils.

xen-system-armhf: Xen System on ARMHF (meta-package)

 This package depends on the latest Xen hypervisor for use on ARMHF and the
 Xen utils.

xen-utils-4.6: XEN administrative tools

 The userspace tools to manage a system virtualized through the XEN virtual
 machine monitor.

xen-utils-4.6-dbgsym: debug symbols for package xen-utils-4.6

 The userspace tools to manage a system virtualized through the XEN virtual
 machine monitor.

xen-utils-common: Xen administrative tools - common files

 The userspace tools to manage a system virtualized through the Xen virtual
 machine monitor.
 .
 This package is only required on the host system (Domain 0) and not on the
 virtual guest systems (Domain U).

xenstore-utils: Xenstore command line utilities for Xen

 This package contains command line utilities for interacting with
 XenStore.
 .
 XenStore is a shared database used for interdomain communication of
 configuration and status information. It is accessible to all domains
 running on the same Xen host. See http://wiki.xen.org/wiki/XenStore for
 more information.
 .
 In the common case these tools are used by the Xen toolstack running in
 domain0 (or a driver domain) however they may also be used in a guest
 domain to support local scripting which wants to communicate via XenStore.

xenstore-utils-dbgsym: debug symbols for package xenstore-utils

 This package contains command line utilities for interacting with
 XenStore.
 .
 XenStore is a shared database used for interdomain communication of
 configuration and status information. It is accessible to all domains
 running on the same Xen host. See http://wiki.xen.org/wiki/XenStore for
 more information.
 .
 In the common case these tools are used by the Xen toolstack running in
 domain0 (or a driver domain) however they may also be used in a guest
 domain to support local scripting which wants to communicate via XenStore.