[Pkg-xen-devel] xen_4.16.2-1_source.changes ACCEPTED into unstable

[Debian FTP Masters]

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 23 Aug 2022 13:25:38 +0200
Source: xen
Architecture: source
Version: 4.16.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans at knorrie.org>
Closes: 1016547
Changes:
 xen (4.16.2-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.16.2, which also contains
     security fixes for the following issues:
     - x86 pv: Race condition in typeref acquisition
       XSA-401 CVE-2022-26362
     - x86 pv: Insufficient care with non-coherent mappings
       XSA-402 CVE-2022-26363 CVE-2022-26364
     - Linux disk/nic frontends data leaks
       XSA-403 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
       Note that this XSA also contains patches that have to be applied to the
       Linux kernel to make use of the new mitigations.
     - x86: MMIO Stale Data vulnerabilities
       XSA-404 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
     - Retbleed - arbitrary speculative code execution with return instructions
       XSA-407 CVE-2022-23816 CVE-2022-23825 CVE-2022-29900
     - insufficient TLB flush for x86 PV guests in shadow mode
       XSA-408 CVE-2022-33745
   * Note that the following XSA are not listed, because...
     - XSA-405 and XSA-406 have patches for the Linux kernel.
   * d/.../grub.d/xen.cfg: Redirect output when running grub-mkconfig so that
     we do not wrongly cause text to end up being part of the generated grub
     configuration. (Closes: #1016547)
   * Clean up lintian overrides that are reported as unused.
   * Move comments about lintian overrides above the override line itself,
     instead of being below, as instructed by the lintian documentation.
   * Deal with formatting changes in lintian output, which invalidate
     overrides we have. Also see Debian bug #1007002 for more information.
Checksums-Sha1:
 2b21c23d167a70d4bad230e7775c089c25ade2f5 4023 xen_4.16.2-1.dsc
 8429ab579b54b1d0facb4df5498c759de58919ed 4556972 xen_4.16.2.orig.tar.xz
 e58013df0fd1f3b61fbe72dd73b5510a6b770ac4 131140 xen_4.16.2-1.debian.tar.xz
Checksums-Sha256:
 e4d48ea5bef0d3d421e34c096d686e98fb9825eccd3c2c74fb103bd92bc6f607 4023 xen_4.16.2-1.dsc
 515da24b898af97254047c415a61bc9729f5c029a45e7dc9e33ba73783853a6e 4556972 xen_4.16.2.orig.tar.xz
 f84e19fc31174d148d273fd895eee837cf92fef9551c6bd290eac88119b02829 131140 xen_4.16.2-1.debian.tar.xz
Files:
 82eb13205e1f88678bac633c8b0761ca 4023 admin optional xen_4.16.2-1.dsc
 2b6ac9d570ad75d81d1e7cd47815ec10 4556972 admin optional xen_4.16.2.orig.tar.xz
 bdeefd802fa6657cb04f3af669c2966a 131140 admin optional xen_4.16.2-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmMExwkACgkQssHfcmNh
X2xxZw/+LYk7IOm0LSIipreu6mKrKOv/PQji6Llz3lw8eC9lElAiOhh3A7U5OMcS
DWimSpcxchP44mVlGK4T2PgTA4mEa3MpX968URmY2ExUPqJhV7lD6HYoG1v3PSu6
EP8u6iedOzQAi32SB3f11CqlE64dfE9s6+2zBIhjkLnn/mF8HW/JNmul2N7YzaPJ
7+gDEfxBifFO/JtmRt4mboXiGmDmhpI7wp9g40bHEBCPxomrq3ohGxnYpG3hXj0X
pM7F5jwoBvGEL/rr0XHTaz8zMZoFeNyIBZJ9BzdGmKu4CGKkC+hALn3P1wyrbq/u
5h0E3s7Gt8247mPiqVUJRCjNSI102urOUq95Uy/N5YV99UsdEMdJugJvmvtOngOC
p9O2M5al1Uw3dRb+NCQzg0DyZd9aOWcYvjGnmMFLQzU0LEylCFF6OGjy+1/yk7nd
8RE95n513Iyuo22SkkAAvbmx1Ycg+WlvsFWFnofvbRnztlYeFtmcQoz9/sx6Z/9H
JgWMxCl9WHxEcBDpJBMsEDUvaRIIwd1fOYU+mYabKVZbueCZKjI6qNVdEg2tn/bX
OolDvVy3r2Cc9NWb+w7WjIWuLcMzaAjH+PMGnHLQMEz6kWL56jYgehA//2il9VOX
kOu1PG0noTC4F0pi95qhzrdRrf/ILfVmvgUfi0aQV8/xOoexbws=
=+O5y
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.