[Pkg-xen-devel] xen_4.16.2-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Aug 23 13:34:36 BST 2022
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 23 Aug 2022 13:25:38 +0200
Source: xen
Architecture: source
Version: 4.16.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans at knorrie.org>
Closes: 1016547
Changes:
xen (4.16.2-1) unstable; urgency=medium
.
* Update to new upstream version 4.16.2, which also contains
security fixes for the following issues:
- x86 pv: Race condition in typeref acquisition
XSA-401 CVE-2022-26362
- x86 pv: Insufficient care with non-coherent mappings
XSA-402 CVE-2022-26363 CVE-2022-26364
- Linux disk/nic frontends data leaks
XSA-403 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
Note that this XSA also contains patches that have to be applied to the
Linux kernel to make use of the new mitigations.
- x86: MMIO Stale Data vulnerabilities
XSA-404 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
- Retbleed - arbitrary speculative code execution with return instructions
XSA-407 CVE-2022-23816 CVE-2022-23825 CVE-2022-29900
- insufficient TLB flush for x86 PV guests in shadow mode
XSA-408 CVE-2022-33745
* Note that the following XSA are not listed, because...
- XSA-405 and XSA-406 have patches for the Linux kernel.
* d/.../grub.d/xen.cfg: Redirect output when running grub-mkconfig so that
we do not wrongly cause text to end up being part of the generated grub
configuration. (Closes: #1016547)
* Clean up lintian overrides that are reported as unused.
* Move comments about lintian overrides above the override line itself,
instead of being below, as instructed by the lintian documentation.
* Deal with formatting changes in lintian output, which invalidate
overrides we have. Also see Debian bug #1007002 for more information.
Checksums-Sha1:
2b21c23d167a70d4bad230e7775c089c25ade2f5 4023 xen_4.16.2-1.dsc
8429ab579b54b1d0facb4df5498c759de58919ed 4556972 xen_4.16.2.orig.tar.xz
e58013df0fd1f3b61fbe72dd73b5510a6b770ac4 131140 xen_4.16.2-1.debian.tar.xz
Checksums-Sha256:
e4d48ea5bef0d3d421e34c096d686e98fb9825eccd3c2c74fb103bd92bc6f607 4023 xen_4.16.2-1.dsc
515da24b898af97254047c415a61bc9729f5c029a45e7dc9e33ba73783853a6e 4556972 xen_4.16.2.orig.tar.xz
f84e19fc31174d148d273fd895eee837cf92fef9551c6bd290eac88119b02829 131140 xen_4.16.2-1.debian.tar.xz
Files:
82eb13205e1f88678bac633c8b0761ca 4023 admin optional xen_4.16.2-1.dsc
2b6ac9d570ad75d81d1e7cd47815ec10 4556972 admin optional xen_4.16.2.orig.tar.xz
bdeefd802fa6657cb04f3af669c2966a 131140 admin optional xen_4.16.2-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmMExwkACgkQssHfcmNh
X2xxZw/+LYk7IOm0LSIipreu6mKrKOv/PQji6Llz3lw8eC9lElAiOhh3A7U5OMcS
DWimSpcxchP44mVlGK4T2PgTA4mEa3MpX968URmY2ExUPqJhV7lD6HYoG1v3PSu6
EP8u6iedOzQAi32SB3f11CqlE64dfE9s6+2zBIhjkLnn/mF8HW/JNmul2N7YzaPJ
7+gDEfxBifFO/JtmRt4mboXiGmDmhpI7wp9g40bHEBCPxomrq3ohGxnYpG3hXj0X
pM7F5jwoBvGEL/rr0XHTaz8zMZoFeNyIBZJ9BzdGmKu4CGKkC+hALn3P1wyrbq/u
5h0E3s7Gt8247mPiqVUJRCjNSI102urOUq95Uy/N5YV99UsdEMdJugJvmvtOngOC
p9O2M5al1Uw3dRb+NCQzg0DyZd9aOWcYvjGnmMFLQzU0LEylCFF6OGjy+1/yk7nd
8RE95n513Iyuo22SkkAAvbmx1Ycg+WlvsFWFnofvbRnztlYeFtmcQoz9/sx6Z/9H
JgWMxCl9WHxEcBDpJBMsEDUvaRIIwd1fOYU+mYabKVZbueCZKjI6qNVdEg2tn/bX
OolDvVy3r2Cc9NWb+w7WjIWuLcMzaAjH+PMGnHLQMEz6kWL56jYgehA//2il9VOX
kOu1PG0noTC4F0pi95qhzrdRrf/ILfVmvgUfi0aQV8/xOoexbws=
=+O5y
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-xen-devel
mailing list