Debian Package Tracker

From: Hans van Kranenburg <hans@knorrie.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted xen 4.11.3+24-g14b62ab3e5-1 (source) into unstable
Date: Wed, 08 Jan 2020 16:20:56 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Jan 2020 12:41:42 +0100
Source: xen
Architecture: source
Version: 4.11.3+24-g14b62ab3e5-1
Distribution: unstable
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans@knorrie.org>
Closes: 947944
Changes:
 xen (4.11.3+24-g14b62ab3e5-1) unstable; urgency=high
 .
   * Update to new upstream version 4.11.3+24-g14b62ab3e5, which also
     contains the following security fixes: (Closes: #947944)
     - Unlimited Arm Atomics Operations
       XSA-295 CVE-2019-17349 CVE-2019-17350
     - VCPUOP_initialise DoS
       XSA-296 CVE-2019-18420
     - missing descriptor table limit checking in x86 PV emulation
       XSA-298 CVE-2019-18425
     - Issues with restartable PV type change operations
       XSA-299 CVE-2019-18421
     - add-to-physmap can be abused to DoS Arm hosts
       XSA-301 CVE-2019-18423
     - passed through PCI devices may corrupt host memory after deassignment
       XSA-302 CVE-2019-18424
     - ARM: Interrupts are unconditionally unmasked in exception handlers
       XSA-303 CVE-2019-18422
     - x86: Machine Check Error on Page Size Change DoS
       XSA-304 CVE-2018-12207
     - TSX Asynchronous Abort speculative side channel
       XSA-305 CVE-2019-11135
     - Device quarantine for alternate pci assignment methods
       XSA-306 CVE-2019-19579
     - find_next_bit() issues
       XSA-307 CVE-2019-19581 CVE-2019-19582
     - VMX: VMentry failure with debug exceptions and blocked states
       XSA-308 CVE-2019-19583
     - Linear pagetable use / entry miscounts
       XSA-309 CVE-2019-19578
     - Further issues with restartable PV type change operations
       XSA-310 CVE-2019-19580
     - Bugs in dynamic height handling for AMD IOMMU pagetables
       XSA-311 CVE-2019-19577
   * Add missing CVE numbers to previous changelog entries
Checksums-Sha1:
 aaafb1b9b82f68a946bfdca0ed03a60c59fc6a3d 4207 xen_4.11.3+24-g14b62ab3e5-1.dsc
 0dfed333ead97bfcab82282a89cd152ab1cf4de5 4246660 xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
 d774863493a5b6987465c678dc73e7ce4292c97e 133852 xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz
Checksums-Sha256:
 7e86e40181c387817575a908ae59f5521ad3f277d69ed9948b76c5bf5efbcb60 4207 xen_4.11.3+24-g14b62ab3e5-1.dsc
 2286fbfbf986ea4baaae4cad8b3adab3bbd1a966cb019dd3f59a177b8036d189 4246660 xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
 ccedfe97a1aa92d1e8e96cf367462835d51948b3370b8e461413b312277e33f7 133852 xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz
Files:
 c852aef3c0ef4a3dd94fda474e9f1d06 4207 admin optional xen_4.11.3+24-g14b62ab3e5-1.dsc
 540bbe24beb11abe005a386892b192a5 4246660 admin optional xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
 e5997186034b940856614606b59da0d4 133852 admin optional xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAl4V/UwACgkQssHfcmNh
X2y0Tw/+PyHRoTaOV4+1KHaDA/B6kN635QvCAvOjEcdUNfPSfTSS4kt7AvHWuH2F
WGiDCi8k6gg5Z6XXCVzxr8ptp8Xmhn1LMYEjL6jfkbnSTPC6aKWyZEG41fUgZaIS
o5QiwhBAthZIBBm+m9ZtHvdHVXwIzR6Off+a8ONjFVyNQDAjXOGRcWjoguu9GS7l
u7W6/zj2nyznT0yC41a2WwRBCtKFSaXl9wJN/9RqtTli7o57V00+cLNsctUaN7SF
2eBksuLWTSLmApU+zvo4+/eWQHozfhp1rfxz+v87OY4SvO1ZbgAw7BWjxUHS/TBf
jvV6aOSj7lxZ3xgosSTKVgRPPioNQ41liteouF2tau3ML6PVEuNH6Mp69Qh96JIR
/2uA9YydFHC27/2zW9EyucdBcn917kHAQzlRdZ/UWa43xBo/o6hxrnqLif3zmeYw
rHffh7sjvLFBj6qrJRj2xot2SojsXXyGCj/8T0FOB5H5/dhHPoY2xArAoxSt28R3
WgzA6Ey7t77rzKpPcQyvujpZUDnuug7OeG4HJ5wuu80paYZ2TxoxNVv00mxBJiCC
ChzzfiH5iYTySQClV4iXVwmsq6sBD2zUDHzFkc8quLSGLp7gTreAbFltaXc1v0Vk
BtdUuzdxzLMSzLedmUwQH422YCSLq5eGEQJcSecObCZXLt94Lm4=
=gGux
-----END PGP SIGNATURE-----
News for package xen
