xen 4.6.5-0ubuntu1.4 source package in Ubuntu

Changelog

xen (4.6.5-0ubuntu1.4) xenial-security; urgency=medium

  * Applying Xen Security Advisories:
    - CVE-2017-14316 / XSA-231
      - xen/mm: make sure node is less than MAX_NUMNODES
    - CVE-2017-14318 / XSA-232
      - grant_table: fix GNTTABOP_cache_flush handling
    - CVE-2017-14317 / XSA-233
      - tools/xenstore: dont unlink connection object twice
    - CVE-2017-14319 / XSA-234
      - gnttab: also validate PTE permissions upon destroy/replace
    - XSA-235
      - arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
    - XSA-237
      - x86: don't allow MSI pIRQ mapping on unowned device
      - x86: enforce proper privilege when (un)mapping pIRQ-s
      - x86/MSI: disallow redundant enabling
      - x86/IRQ: conditionally preserve irq <-> pirq mapping on map error
        paths
      - x86/FLASK: fix unmap-domain-IRQ XSM hook
    - XSA-238
      - x86/ioreq server: correctly handle bogus
        XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
    - XSA-239
      - x86/HVM: prefill partially used variable on emulation paths
    - XSA-240
      - x86: limit linear page table use to a single level
      - x86/mm: Disable PV linear pagetables by default
    - XSA-241
      - x86: don't store possibly stale TLB flush time stamp
    - XSA-242
      - x86: don't allow page_unlock() to drop the last type reference
    - XSA-243
      - x86: Disable the use of auto-translated PV guestsx86: Disable the use
        of auto-translated PV guests
      - x86/shadow: Don't create self-linear shadow mappings for 4-level
        translated guests
    - XSA-244
      - x86/cpu: Fix IST handling during PCPU bringup
    - XSA-245
      - xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
      - xen/arm: Correctly report the memory region in the dummy NUMA helpers

xen (4.6.5-0ubuntu1.3) xenial-security; urgency=medium

  * Applying Xen Security Advisories:
    - XSA-226 / CVE-2017-12135
      - gnttab: don't use possibly unbounded tail calls
      - gnttab: fix transitive grant handling
    - XSA-227 / CVE-2017-12137
      - x86/grant: Disallow misaligned PTEs
    - XSA-228 / CVE-2017-12136
      - gnttab: split maptrack lock to make it fulfill its purpose again
    - XSA-230 / CVE-2017-12855
      - gnttab: correct pin status fixup for copy

 -- Stefan Bader <email address hidden>  Wed, 11 Oct 2017 15:41:03 +0200

Upload details

Uploaded by:
Stefan Bader on 2017-10-13
Sponsored by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
amd64 arm64 armhf i386 all
Section:
kernel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2017-10-16 main kernel
Xenial security on 2017-10-16 main kernel

Downloads

File Size SHA-256 Checksum
xen_4.6.5.orig.tar.xz 3.5 MiB d859fff62afa08076d978851e9d8a8e34c2e301f99139e0feb57545e0674fc6f
xen_4.6.5-0ubuntu1.4.debian.tar.xz 127.1 KiB a2ce2cec0cb9f43230b1c00fe452ddd09c04477b2bdcdfca1dbbc81a4d8f52ce
xen_4.6.5-0ubuntu1.4.dsc 3.5 KiB c718bd24aa37cfcfa78fe25b898ee73fc2ded8515bdb8b78eb9c09aaeacf3ec9

View changes file

Binary packages built by this source

libxen-4.6: Public libs for Xen

 This package contains the shared toolstack libraries for Xen.

libxen-4.6-dbgsym: debug symbols for package libxen-4.6

 This package contains the shared toolstack libraries for Xen.

libxen-dev: Public headers and libs for Xen

 This package contains the public headers and static libraries for Xen.
 .
 The libxenlight library is intended as a common base for all Xen toolstack
 developers. The libxlutil library contains additional helpers which may
 be useful to toolstack developers.
 .
 The libxenstore library allows userspace processes to interact with the
 XenStore database. XenStore is a shared database used for interdomain
 communication of configuration and status information. It is accessible
 to all domains running on the same Xen host. See
 http://wiki.xen.org/wiki/XenStore for more information.
 .
 The libxenctrl and libxenguest libraries are internal libraries intended
 for use by the Xen toolstack and are not intended to be used directly.
 Toolstack authors should use libxenlight.

libxenstore3.0: Xenstore communications library for Xen

 This package contains the client library interface to XenStore. .

libxenstore3.0-dbgsym: debug symbols for package libxenstore3.0

 This package contains the client library interface to XenStore. .

xen-hypervisor-4.4-amd64: Transitional package for upgrade
xen-hypervisor-4.4-arm64: Transitional package for upgrade
xen-hypervisor-4.4-armhf: Transitional package for upgrade
xen-hypervisor-4.5-amd64: Transitional package for upgrade
xen-hypervisor-4.5-arm64: Transitional package for upgrade
xen-hypervisor-4.5-armhf: Transitional package for upgrade
xen-hypervisor-4.6-amd64: Xen Hypervisor on AMD64

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-hypervisor-4.6-arm64: Xen Hypervisor on ARM64

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-hypervisor-4.6-armhf: Xen Hypervisor on ARMHF

 The hypervisor is the "core" for XEN itself. It gets booted by the boot
 loader and controls cpu and memory, sharing them between your
 administrative domain (Domain 0) and the virtual guest systems.
 .
 In order to boot a XEN system along with this package you also need a
 kernel specifically crafted to work as the Domain 0, mediating hardware
 access for XEN itself.

xen-system-amd64: Xen System on AMD64 (meta-package)

 This package depends on the latest Xen hypervisor for use on AMD64 and the
 Xen utils.

xen-system-arm64: Xen System on ARM64 (meta-package)

 This package depends on the latest Xen hypervisor for use on ARM64 and the
 Xen utils.

xen-system-armhf: Xen System on ARMHF (meta-package)

 This package depends on the latest Xen hypervisor for use on ARMHF and the
 Xen utils.

xen-utils-4.6: XEN administrative tools

 The userspace tools to manage a system virtualized through the XEN virtual
 machine monitor.

xen-utils-4.6-dbgsym: debug symbols for package xen-utils-4.6

 The userspace tools to manage a system virtualized through the XEN virtual
 machine monitor.

xen-utils-common: Xen administrative tools - common files

 The userspace tools to manage a system virtualized through the Xen virtual
 machine monitor.
 .
 This package is only required on the host system (Domain 0) and not on the
 virtual guest systems (Domain U).

xenstore-utils: Xenstore command line utilities for Xen

 This package contains command line utilities for interacting with
 XenStore.
 .
 XenStore is a shared database used for interdomain communication of
 configuration and status information. It is accessible to all domains
 running on the same Xen host. See http://wiki.xen.org/wiki/XenStore for
 more information.
 .
 In the common case these tools are used by the Xen toolstack running in
 domain0 (or a driver domain) however they may also be used in a guest
 domain to support local scripting which wants to communicate via XenStore.

xenstore-utils-dbgsym: debug symbols for package xenstore-utils

 This package contains command line utilities for interacting with
 XenStore.
 .
 XenStore is a shared database used for interdomain communication of
 configuration and status information. It is accessible to all domains
 running on the same Xen host. See http://wiki.xen.org/wiki/XenStore for
 more information.
 .
 In the common case these tools are used by the Xen toolstack running in
 domain0 (or a driver domain) however they may also be used in a guest
 domain to support local scripting which wants to communicate via XenStore.