Debian Package Tracker

From: Ian Jackson <ijackson@chiark.greenend.org.uk>
To:
Subject: Accepted xen 4.8.5.final+shim4.10.4-1+deb9u12 (all amd64 source) into oldstable->embargoed, oldstable
Date: Mon, 13 Jan 2020 22:25:51 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 10 Jan 2020 17:09:30 +0000
Binary: libxen-4.8 libxen-dev libxenstore3.0 xen-hypervisor-4.8-amd64 xen-hypervisor-4.8-arm64 xen-hypervisor-4.8-armhf xen-system-amd64 xen-system-arm64 xen-system-armhf xen-utils-4.8 xen-utils-common xenstore-utils
Source: xen
Architecture: all amd64 source
Version: 4.8.5.final+shim4.10.4-1+deb9u12
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
Changed-By: Ian Jackson <ijackson@chiark.greenend.org.uk>
Closes: 908453
Description: 
 libxen-4.8 - Public libs for Xen
 libxen-dev - Public headers and libs for Xen
 libxenstore3.0 - Xenstore communications library for Xen
 xen-hypervisor-4.8-amd64 - Xen Hypervisor on AMD64
 xen-hypervisor-4.8-arm64 - Xen Hypervisor on ARM64
 xen-hypervisor-4.8-armhf - Xen Hypervisor on ARMHF
 xen-system-amd64 - Xen System on AMD64 (meta-package)
 xen-system-arm64 - Xen System on ARM64 (meta-package)
 xen-system-armhf - Xen System on ARMHF (meta-package)
 xen-utils-4.8 - XEN administrative tools
 xen-utils-common - Xen administrative tools - common files
 xenstore-utils - Xenstore command line utilities for Xen
Changes:
 xen (4.8.5.final+shim4.10.4-1+deb9u12) stretch-security; urgency=medium
 .
   * *NOTE* this will probably be the *LAST UPDATE* for Xen in Debian 9.x
     (stretch), since this is the last batch of security patches from
     upstream, where Xen 4.8 is out of security support.
 .
   * Update to new upstream final tip of 4.8 stable branch, which I have
     dubbed upstream/stable-4.8.5.final.  And shim 4.10.4.
   * This includes fixes to:
        XSA-311  CVE-2019-19577
        XSA-310  CVE-2019-19580
        XSA-309  CVE-2019-19578
        XSA-308  CVE-2019-19583
        XSA-307  CVE-2019-19581 CVE-2019-19582
        XSA-306  CVE-2019-19579
        XSA-305  CVE-2019-11135
        XSA-304  CVE-2018-12207
        XSA-303  CVE-2019-18422
        XSA-302  CVE-2019-18424
        XSA-301  CVE-2019-18423
        XSA-299  CVE-2019-18421
        XSA-298  CVE-2019-18425
        XSA-297  CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091
        XSA-296  CVE-2019-18420
        XSA-295  CVE-2019-17349 CVE-2019-17350
        XSA-294  CVE-2019-17348
        XSA-293  CVE-2019-17347
        XSA-292  CVE-2019-17346
        XSA-291  CVE-2019-17345
        XSA-290  CVE-2019-17344
        XSA-288  CVE-2019-17343
        XSA-287  CVE-2019-17342
        XSA-285 	CVE-2019-17341
        XSA-284 	CVE-2019-17340
   * For completeness, the following are not applicable:
        XSA-300  CVE-2019-17351  Bug is in Linux
        XSA-289                  Spectre V1 + L1TF combo; no new fixes
        XSA-283                  Withdrawn XSA number
        XSA-281                  Withdrawn XSA number
   * The following is *not* fixed at this time:
        XSA-286                  Still embargoed.
 .
   * README.comet: remove line about PVH support.
     [Hans van Kranenburg]  Closes:#908453.
Checksums-Sha1: 
 5b1b31e2ea7deaa1c4e0f4cfdcce1110fd6a7897 3142 xen_4.8.5.final+shim4.10.4-1+deb9u12.dsc
 f26af673bc03d6a54750eaf43e975eab4a4c0a4f 4200720 xen_4.8.5.final+shim4.10.4.orig-shim.tar.xz
 7d65e50c786aff9eebecc6e30f3d30d7583468b8 3940796 xen_4.8.5.final+shim4.10.4.orig.tar.xz
 27c2409dfad63e096427f2f322f99c9c288f2adc 59500 xen_4.8.5.final+shim4.10.4-1+deb9u12.debian.tar.xz
 e256dff0cb6959c691cccd4f0f94aff0ad0a70c5 1610722 libxen-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 52605aca393641b078d0e867c159c29606850fab 413476 libxen-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 34f842744344404b19a2cfcd7ac8c30194558b81 653432 libxen-dev_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 82292d72ba80f4ab7458da98c7e3550e21b2fd9d 25248 libxenstore3.0-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 2f031abf0e433cd9df81b48419488cf8584cfe34 35608 libxenstore3.0_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 817177fdfff5adf4ede40412494b9fc6d998df3e 2337428 xen-hypervisor-4.8-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 7c6c6e5a902ce108df0e945ab2e8cdda8148edc2 24624 xen-system-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 0a6b4becbaa38ef14b4a7a70bc5bc3ee2e693b96 854886 xen-utils-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 a25f45dca8843cd41be71bd384caae38cb607efd 424814 xen-utils-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 2439727a38d26ef085b5c901a18d2476c98b1b71 288750 xen-utils-common_4.8.5.final+shim4.10.4-1+deb9u12_all.deb
 095d382c9569147cf6f9aee9222dbf5914237f73 12171 xen_4.8.5.final+shim4.10.4-1+deb9u12_amd64.buildinfo
 ddd8aa5d90cf3c7d34e2006db374b9a7cfe4253c 13370 xenstore-utils-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 8720f5875de6a9734cdcf8dd235a1b041cda1a4f 31384 xenstore-utils_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
Checksums-Sha256: 
 3ad4fb79437429842a2c9b46029f0565f1d53e7231da79dcf59b569975f607d1 3142 xen_4.8.5.final+shim4.10.4-1+deb9u12.dsc
 a25ea110c6676c370426f7f87957999a1e32121e446ec7a26cc779b67c2b9a91 4200720 xen_4.8.5.final+shim4.10.4.orig-shim.tar.xz
 8c9b781c9343e2c4963d4ba46415104e7cbb6714d8d06a6f6bd28d7060392d87 3940796 xen_4.8.5.final+shim4.10.4.orig.tar.xz
 b19abbaf6961b5bf33bae5a6cb6b77c2793491447910f5c8d9475f1252f5fb0e 59500 xen_4.8.5.final+shim4.10.4-1+deb9u12.debian.tar.xz
 964f5965320f806adadb416d998fdccb0f51debcedf60db8aa6fa8281eb2bd77 1610722 libxen-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 d424985604d793c7f9ec1c52baabe7df1ab4f0552aa9b98ef53add3d24d930a6 413476 libxen-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 218c5925df8d2f35f197eee7038e89d21a395c08a32d12c61f6a96d30389f70f 653432 libxen-dev_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 82deb5bc7671d4bf2c614788dcf578c93da03bc839f91ad93c07928367348b8e 25248 libxenstore3.0-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 fc69118fe5601c812fc905d23489021b75c1e6d4c69f6fc649dd5dfa3949ac86 35608 libxenstore3.0_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 59b6593b52c4904ac1c196f77dbbf78dd129242cf2276c3a9ce2fc440038d86c 2337428 xen-hypervisor-4.8-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 10b5dc4292dcb0b03384203974d1ca3e7753acba0e24dd5e36f9eeb4c5f6eee5 24624 xen-system-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 39023d74e418be3157dc18be5c376cd73c911397d805e4d3b0288e28e34a9413 854886 xen-utils-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 0f793947d87bc3cc81ddddeed5a2443a3402cab59b4b9594fd2a0dbd5fcaed48 424814 xen-utils-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 884946690bdcd5a4cc1c8497e2b2a65b84d94ce56ac14d51940c657104d097b0 288750 xen-utils-common_4.8.5.final+shim4.10.4-1+deb9u12_all.deb
 00fbcbfff0720cbbac7da4c0c267531d4dbb10ed2eb2582105aa25653944b94f 12171 xen_4.8.5.final+shim4.10.4-1+deb9u12_amd64.buildinfo
 ddf6cedaf2629e792133d362737e8b69d9182143c3795fda8be9387ccde515a0 13370 xenstore-utils-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 530ebe2cbff0a10671461f382466972a97991d8d833256bcac5e87f2125d17f0 31384 xenstore-utils_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
Files: 
 9c7941741511198360522571ce5ca3d9 3142 kernel optional xen_4.8.5.final+shim4.10.4-1+deb9u12.dsc
 98607d3568409938e6006aee3e88de43 4200720 kernel optional xen_4.8.5.final+shim4.10.4.orig-shim.tar.xz
 33e48954b3a4caba204747f2e875461b 3940796 kernel optional xen_4.8.5.final+shim4.10.4.orig.tar.xz
 b8ce90253ce6e175b832dff4df890020 59500 kernel optional xen_4.8.5.final+shim4.10.4-1+deb9u12.debian.tar.xz
 58650886760999c5f1d170ee8a46f1ce 1610722 debug extra libxen-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 3c22f09a473578d80ad60bd3ead2d35a 413476 libs optional libxen-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 c8cde1f4ce7ecf1d624c128bba011358 653432 libdevel optional libxen-dev_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 8848907287446a6b9797b6123d656c04 25248 debug extra libxenstore3.0-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 a7f6463e508c70984a46f3e4cb8c7efa 35608 libs optional libxenstore3.0_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 0863a3a719bb9834c3c4d89fd153f04f 2337428 kernel optional xen-hypervisor-4.8-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 d82f70963bb718bdb9662ad9b4efa024 24624 kernel optional xen-system-amd64_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 adcfc5039e61cbef0a9e69955c6b9f47 854886 debug extra xen-utils-4.8-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 ca2308b0c71362e71f2a95799cf4a4c9 424814 kernel optional xen-utils-4.8_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 11fcfe38b688cb6a5084938a3896e126 288750 kernel optional xen-utils-common_4.8.5.final+shim4.10.4-1+deb9u12_all.deb
 61cf6c1c5c0333289cddedce1551f134 12171 kernel optional xen_4.8.5.final+shim4.10.4-1+deb9u12_amd64.buildinfo
 6c6b4e600ddbe2a7b6d43190ae28ac15 13370 debug extra xenstore-utils-dbgsym_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb
 659158a7592c5cc356673318a7b31015 31384 admin optional xenstore-utils_4.8.5.final+shim4.10.4-1+deb9u12_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQFUBAEBCAA+FiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAl4YtIYgHGlqYWNrc29u
QGNoaWFyay5ncmVlbmVuZC5vcmcudWsACgkQ4+M5I0i1DTkmaAgAkB0NoZK0di2p
BiI8mTED+ura16gX1LDyUVET78vRNtAtgcHgDlK5yz1WlGtCTeVFaz1vg9yid0Tt
QyyT33N7eggYxFutQxHxMltKq61CC8T1OzZwSvqAWSicYXVWJqQh0fTKzwzhw7hx
aKWTrs5A8p/EqBpuIk1S6DG9RVMjUbd3FivfaAuQY/izRBpB5esWIl48Ogc8kJPs
KgLYEgK2N7qQ8FBc/SygDtEp9MpfbMEAUM6INNGBEqx0BXpAvz7ocPGf/pNjKdXR
mN1b5jQeFtxtzVJpMf4bxTIPmS/mLPtxLgjsmPHLMH/o3fl7gN/R8tTOCFcsJCxi
2ROjn9R/8w==
=ad9g
-----END PGP SIGNATURE-----
News for package xen
