[Pkg-xen-devel] Xen package security updates for jessie 4.4, XSA-213, XSA-214
Moritz Muehlenhoff
jmm at inutil.org
Thu May 4 16:51:54 UTC 2017
On Thu, May 04, 2017 at 05:06:07PM +0100, Ian Jackson wrote:
> Ian Jackson writes ("64bit PV guest breakout [XSA-213]"):
> > Source: xen
> > Version: 4.4.1-9
> > Severity: important
> > Tags: security upstream fixed-upstream
> >
> > See
> > https://xenbits.xen.org/xsa/advisory-213.html
>
> Ian Jackson writes ("grant transfer allows PV guest to elevate privileges [XSA-214]"):
> > Source: xen
> > Version: 4.4.1-9
> > Severity: important
> > Tags: security upstream fixed-upstream
> >
> > See
> > https://xenbits.xen.org/xsa/advisory-214.html
>
> I have fixed these in stretch but the jessie package remains unfixed.
> I think I may be able to find some backports somewhere. Would that be
> useful ? Is anyone else working on this ?
Yes, please!
Cheers,
Moritz
More information about the Pkg-xen-devel
mailing list