[Pkg-xen-devel] xen_4.11.4+24-gddaaccbbab-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Wed Jul 8 14:33:57 BST 2020
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 07 Jul 2020 16:07:39 +0200
Source: xen
Architecture: source
Version: 4.11.4+24-gddaaccbbab-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans at knorrie.org>
Changes:
xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium
.
* Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains
security fixes for the following issues:
- inverted code paths in x86 dirty VRAM tracking
XSA-319 CVE-2020-15563
- Special Register Buffer speculative side channel
XSA-320 CVE-2020-0543
N.B: To mitigate this issue, new cpu microcode is required. The changes
in Xen provide a workaround for affected hardware that is not receiving
a vendor microcode update. Please refer to the upstream XSA-320 Advisory
text for more details.
- insufficient cache write-back under VT-d
XSA-321 CVE-2020-15565
- Missing alignment check in VCPUOP_register_vcpu_info
XSA-327 CVE-2020-15564
- non-atomic modification of live EPT PTE
XSA-328 CVE-2020-15567
Checksums-Sha1:
f73160666470dab5af2f58c463ca1a9625e62438 4207 xen_4.11.4+24-gddaaccbbab-1.dsc
ad24abf183893b429b27cbb28f49a906b4d571ff 4248964 xen_4.11.4+24-gddaaccbbab.orig.tar.xz
728b9db5250f214f7e9c788bc50707b45aac863f 134216 xen_4.11.4+24-gddaaccbbab-1.debian.tar.xz
Checksums-Sha256:
c4844be6ec9bdb96c90f503825980c15d1e41cba3e631c450dce65cb5f629ba4 4207 xen_4.11.4+24-gddaaccbbab-1.dsc
9341af7e6509b16c6f5c1e400974a1fb6ec6d6d23b28c278e84ea17b4d3e3611 4248964 xen_4.11.4+24-gddaaccbbab.orig.tar.xz
001686853d09e13699658efb0c78d52030127a2bf434ae39e63504532c8da466 134216 xen_4.11.4+24-gddaaccbbab-1.debian.tar.xz
Files:
99d28836d6e77f3f7356c164944c07d7 4207 admin optional xen_4.11.4+24-gddaaccbbab-1.dsc
443157dfcb63eeef0486e68f6f81ea48 4248964 admin optional xen_4.11.4+24-gddaaccbbab.orig.tar.xz
c750040e14752445ea8977b10884c2ad 134216 admin optional xen_4.11.4+24-gddaaccbbab-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAl8Fx4IACgkQssHfcmNh
X2wMvg/8Doz52+fz8iU12DczvaOW4FQ/v9taW2sOtwhlAaywDHWM98lOSVMR4vYo
D7IfZ5cg9U/MvO1RwzY0ECNIfhes3c1T2Kw5IYyJR6O0wSbjpNGYQuLhIVMziyz7
T+uh+UPulH5VGROpGz0eWND6qz9pP4FLFenA2De1IIxSLt7YTYle2Lvi9cR6p+Bz
dCnJF2cB85t6+glitH1jrtVfb+8jKtO/6iANlScujf3Bw2qixyt4jNciEGPBc5TD
gGms8J+xm7xZKxcW9m227zjyAqKj72tgSahD2CZjJnvNYOwJ+wMDlKZi8xXqS+4B
IL+mN134v8O+nUnPYWPLFg5Rr1h1ji+iIFKYHK017O9+1ipTH8clQFnx+OUFjGCM
6lFQHzNA2xct5Ju3FIaxal8mUGE9bCO5rSznO1kt7ZINbyvi5/NrnRbdDNPj8Amq
TVwwcVka7TJenVefPpW42kG8oFH5XEmkhIX0LxW+hZ3cD2KQjWL6PsJRFTRBUtCN
4C82vu4K11U3N2ghAPHprx4z0rjS51K3JhrE6HkGLx2gjxKIfBAodrqCvr3WAeUE
bp5++UCvOHurMJMofvOxiHJmujB+2B1TkZzCHzQjE1gTAhvdYJ6WmAnW4hFlCsxQ
zLS+YPOB/MvAUMjAmZCAR1F9UcQF9dk0wn0Pu0zOUBWnfR2+OUc=
=wW41
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-xen-devel
mailing list