-
xen (4.4.1-0ubuntu0.14.10.6) utopic-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2015-3340 / XSA-132
* domctl/sysctl: don't leak hypervisor stack to toolstacks
- CVE-2015-3456 / XSA-133
* qemut: fdc: force the fifo access to be in bounds of the
allocated buffer
-- Stefan Bader <email address hidden> Wed, 13 May 2015 16:33:47 +0200
-
xen (4.4.1-0ubuntu0.14.10.5) utopic-security; urgency=low
* Applying Xen Security Advisories:
* CVE-2014-5146 / XSA-97 (HAP, reworked)
- x86/paging: make log-dirty operations preemptible
* CVE-2015-2752 / XSA-125
- Limit XEN_DOMCTL_memory_mapping hypercall to only process up
to 64 GFNs (or less)
* CVE-2015-2756 / XSA-126 (qemu-dm)
- xen: limit guest control of PCI command register
* CVE-2015-2751 / XSA-127
- domctl: don't allow a toolstack domain to call domain_pause() on
itself
-- Stefan Bader <email address hidden> Tue, 07 Apr 2015 14:32:08 +0200
-
xen (4.4.1-0ubuntu0.14.10.4) utopic-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-9065, CVE-2014-9066 / XSA-114
* switch to write-biased r/w locks
- CVE-2015-0361 / XSA-116
* x86/HVM: prevent use-after-free when destroying a domain
- CVE-2015-1563 / XSA-118
* xen/arm: vgic: message in the emulation code should be
rate-limited
- CVE-2015-2152 / XSA-119
* tools: libxl: Explicitly disable graphics backends on qemu
cmdline
- CVE-2015-2044 / XSA-121
* x86/HVM: return all ones on wrong-sized reads of system device I/O
ports
- CVE-2015-2045 / XSA-122
* pre-fill structures for certain HYPERVISOR_xen_version sub-ops
- CVE-2015-2151 / XSA-123
* x86emul: fully ignore segment override for register-only operations
-- Stefan Bader <email address hidden> Wed, 04 Mar 2015 12:20:04 +0100
-
xen (4.4.1-0ubuntu0.14.10.3) utopic; urgency=low
* d/xen-utils-common.xen.init: Update script to start a QEMU process for
dom0. (LP: #1396068)
-- Stefan Bader <email address hidden> Thu, 11 Dec 2014 18:23:20 +0100
-
xen (4.4.1-0ubuntu0.14.10.2) utopic-security; urgency=low
* Applying Xen Security Advisories:
- CVE-2013-3495 / XSA-59
* VT-d: suppress UR signaling for further desktop chipsets
- CVE-2014-8594 / XSA-109
* x86: don't allow page table updates on non-PV page tables in
do_mmu_update()
- CVE-2014-8595 / XSA-110
* x86emul: enforce privilege level restrictions when loading CS
- CVE-2014-8866 / XSA-111
* x86: limit checks in hypercall_xlat_continuation() to actual arguments
- CVE-2014-8867 / XSA-112
* x86/HVM: confine internally handled MMIO to solitary regions
- CVE-2014-9030 / XSA-113
* x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE
-- Stefan Bader <email address hidden> Wed, 19 Nov 2014 14:22:02 +0100
-
xen (4.4.1-0ubuntu0.14.10.1) utopic; urgency=low
* Updating to lastest upstream stable release 4.4.1 (LP: #1390352)
- Replacing the following security changes by upstream versions:
* CVE-2013-3495 / XSA-59 (additional work-around),
CVE-2014-2599 / XSA-89, CVE-2014-3125 / XSA-91,
CVE-2014-3124 / XSA-92, CVE-2014-2915 / XSA-93,
CVE-2014-2986 / XSA-94,
CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717 / XSA-95,
CVE-2014-3967,CVE-2014-3968 / XSA-96, CVE-2014-3969 / XSA-98,
CVE-2014-4021 / XSA-100, CVE-2014-4022 / XSA-101,
CVE-2014-5147 / XSA-102, CVE-2014-5148 / XSA-103
- Dropped patches:
* d/p/debian/patches/ubuntu-arm64-enablement.patch (fixed by stable)
* upstream-25290:7a6dcecb1781-rework (stale)
* tools-flask-prefix.diff (stale)
* ubuntu-tools-hotplug-disable-xend-socket.patch (stale, duplicate)
-- Stefan Bader <email address hidden> Wed, 05 Nov 2014 11:45:51 +0100
-
xen (4.4.0-0ubuntu9) utopic; urgency=low
* debian/scripts/xen-init-list: Modify code to only list domains started
by the xl command (when using libxl). Also working around a bug in the
"list -l" command of the xl toolstack which causes it to fail if there
are domains running which are not created by xl (like via libvirt)
(LP: #1377960).
-- Stefan Bader <email address hidden> Tue, 07 Oct 2014 11:05:44 +0200
-
xen (4.4.0-0ubuntu8) utopic; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-5147 / XSA-102
* xen: arm: handle AArch32 userspace when dumping 64-bit guest state.
* xen: arm: Correctly handle exception injection from userspace on
64-bit.
* xen: arm: Handle traps from 32-bit userspace on 64-bit kernel as undef
- CVE-2014-5148 / XSA-103
* xen: arm: Correctly handle do_sysreg exception injection from 64-bit
userspace
- CVE-2014-7154 / XSA-104
* x86/shadow: fix race condition sampling the dirty vram state
- CVE-2014-7155 / XSA-105
* x86/emulate: check cpl for all privileged instructions
- CVE-2014-7156 / XSA-106
* x86emul: only emulate software interrupt injection for real mode
- CVE-2014-6268 / XSA-107
* evtchn: check control block exists when using FIFO-based events
- CVE-2014-7188 / XSA-108
* x86/HVM: properly bound x2APIC MSR range
-- Stefan Bader <email address hidden> Fri, 26 Sep 2014 09:55:15 +0200
-
xen (4.4.0-0ubuntu7) utopic; urgency=low
* d/xen-utils-<version>.postinst: Remove xend config conversion script.
* d/p/ubuntu-use-seabios-256.patch: Pick the 256K seabios image for
hvmloader because the 128K default image dropped Xen support.
(LP: #1370123)
-- Stefan Bader <email address hidden> Tue, 16 Sep 2014 17:35:24 +0200
-
xen (4.4.0-0ubuntu6) utopic; urgency=low
* Applying Xen Security Advisories:
- CVE-2014-2599 / XSA-89
* x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
- CVE-2014-3125 / XSA-91
* xen/arm: Correctly save/restore CNTKCTL_EL1
- CVE-2014-3124 / XSA-92
* x86/HVM: restrict HVMOP_set_mem_type
- CVE-2014-2915 / XSA-93
* xen/arm: Inject an undefined instruction when the coproc/sysreg
is not handled
* xen/arm: Don't let the guest access the coprocessors registers
* xen/arm: Upgrade DCISW into DCCISW
* xen/arm: Trap cache and TCM lockdown registers
* xen/arm: Don't expose implementation defined registers (Cp15 c15)
to the guest
* xen/arm: Don't let guess access to Debug and Performance Monitor
registers
- CVE-2014-2986 / XSA-94
* xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
- CVE-2014-3714, CVE-2014-3715, CVE-2014-3716, CVE-2014-3717 / XSA-95
* tools: arm: remove code to check for a DTB appended to the kernel
- CVE-2014-3967,CVE-2014-3968 / XSA-96
* x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
- CVE-2014-3969 / XSA-98
* xen: arm: check permissions when copying to/from guest virtual
addresses
* xen: arm: ensure we hold a reference to guest pages while we copy
to/from them
- CVE-2014-4021 / XSA-100
* AMD IOMMU: don't free page table prematurely
* page-alloc: scrub pages used by hypervisor upon freeing
- CVE-2014-4022 / XSA-101
* xen: arm: initialise the grant_table_gpfn array on allocation
-- Stefan Bader <email address hidden> Mon, 23 Jun 2014 15:40:16 +0200
-
xen (4.4.0-0ubuntu5) trusty; urgency=low
* Minimal changes to make arm64 build. It produces packages, whatever
can be done with those is somebody elses problem.
-- Stefan Bader <email address hidden> Fri, 11 Apr 2014 15:12:47 +0200
