[Pkg-xen-devel] xen_4.17.5+23-ga4e5191dc0-1+deb12u1_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu Mar 6 21:24:55 GMT 2025
Thank you for your contribution to Debian.
Mapping bookworm to stable.
Mapping stable to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 19 Feb 2025 00:00:27 +0100
Source: xen
Architecture: source
Version: 4.17.5+23-ga4e5191dc0-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Maximilian Engelhardt <maxi at daemonizer.de>
Closes: 1092495
Changes:
xen (4.17.5+23-ga4e5191dc0-1+deb12u1) bookworm; urgency=medium
.
* Ignore lintian error not relevant for bookworm in salsa-ci.
* Cherry-pick e6472d4668 (tools/xg: increase LZMA_BLOCK_SIZE for
uncompressing the kernel) to allow direct kernel boot with kernels >=
6.12 (Closes: #1092495).
.
xen (4.17.5+23-ga4e5191dc0-1) bookworm-security; urgency=medium
.
* Update to new upstream version 4.17.5+23-ga4e5191dc0, which also contains
security fixes for the following issues:
- x86: shadow stack vs exceptions from emulation stubs
XSA-451 CVE-2023-46841
- x86: Register File Data Sampling
XSA-452 CVE-2023-28746
- GhostRace: Speculative Race Conditions
XSA-453 CVE-2024-2193
- x86 HVM hypercalls may trigger Xen bug check
XSA-454 CVE-2023-46842
- x86: Incorrect logic for BTC/SRSO mitigations
XSA-455 CVE-2024-31142
- x86: Native Branch History Injection
XSA-456 CVE-2024-2201
- double unlock in x86 guest IRQ handling
XSA-458 CVE-2024-31143
- error handling in x86 IOMMU identity mapping
XSA-460 CVE-2024-31145
- PCI device pass-through with shared resources
XSA-461 CVE-2024-31146
- x86: Deadlock in vlapic_error()
XSA-462 CVE-2024-45817
- Deadlock in x86 HVM standard VGA handling
XSA-463 CVE-2024-45818
- libxl leaks data to PVH guests via ACPI tables
XSA-464 CVE-2024-45819
* Note that the following XSA are not listed, because...
- XSA-457 and XSA-465 have patches for the Linux kernel.
- XSA-459 is within Xapi which is not shipped by this package.
- XSA-466 contains a documentation update that was only applied to the
current development version of Xen
Checksums-Sha1:
39fe2824bf4a3c854476ab4fbf7c76dae695fe83 4522 xen_4.17.5+23-ga4e5191dc0-1+deb12u1.dsc
7a8c3d63afea82b677b48a5cab573e471fdaa397 138360 xen_4.17.5+23-ga4e5191dc0-1+deb12u1.debian.tar.xz
Checksums-Sha256:
ce58dba9623c85f54fd3d2614819b31b50ffce98d1c8854195aeba42a5740c79 4522 xen_4.17.5+23-ga4e5191dc0-1+deb12u1.dsc
e779b397afebb8fb9d4d3f42b9531a29ab0444e5dad28a5498de361fdcc41be7 138360 xen_4.17.5+23-ga4e5191dc0-1+deb12u1.debian.tar.xz
Files:
b3803e3249ce7d6f8694f4740bbd3fff 4522 admin optional xen_4.17.5+23-ga4e5191dc0-1+deb12u1.dsc
551c81f43e2e81057e6d743e83f14bab 138360 admin optional xen_4.17.5+23-ga4e5191dc0-1+deb12u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmfKBxEACgkQssHfcmNh
X2wmnRAApo4AukWKZPuQR6f0qaXSd98yNHz7/dtOYtn8eJjL88nDTHBqxRQzpf4j
cNdHxTJVGhwjzHgBav9fKTSa2pVlXUVdNXCB9VdyOhDqRZDOY8fek6j766spA8cU
xVYGsorUF5SAnXePkC1Q+H/BXpa3l2e1TEDM7ZJyipBpmhS+5QANlEL5sEqvRd82
dbUQAkliZiMrRpWeEa7bPe5ZLUSxuLoIps0TUrmvg+ZrkKbTED2TvK5vMxXGoyNv
IKGlgwYnUdjiB9XFAIH2WwJ0NwFAMXfYlvezzRPHMwUGGjOweeGH4bOI78Jt2tPO
28ER+A6kXJWIeZBLpavY3Tair+OzL5EtKlre5l+FdKDDKyvYVteSTbEIlRrwi8gz
Wo90mvjHmr9OOXnr0+baEMfewjVYkBj9wOko0LYe883hBOOnWMNUrJdJipoJcQ2c
EqgdBLmpnxFMkvNO1fDT1/5eQOGzYYZkT8r+jEn2pL4KvIFuhDy6aCVzDX11/fI8
LiRQf6qXph9yX/iEQ3Krd8JoXB1h/VHgGrQZnUOSDRjWWIJvRWx5S0ZujeKWTo2m
pSqmrqXoyEY2tfRjY/yyVfXfCrXtcwco9Gy9QwJ/bdlcn4KCefxQOZss0Hqui3mN
jx4tzdE+cMi/4TWJ6FqOu0p2EID/LJyU1cULUbzUoUIu0O8FehE=
=1MS5
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-xen-devel/attachments/20250306/430a89df/attachment.sig>
More information about the Pkg-xen-devel
mailing list