-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 20 Aug 2023 16:08:59 +0200 Source: xen Architecture: source Version: 4.17.2-1 Distribution: unstable Urgency: medium Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org> Changed-By: Maximilian Engelhardt <maxi@daemonizer.de> Closes: 1042102 Changes: xen (4.17.2-1) unstable; urgency=medium . * Update to new upstream version 4.17.2, which also contains security fixes for the following issues: (Closes: #1042102) - x86/AMD: Zenbleed XSA-433 CVE-2023-20593 - x86/AMD: Speculative Return Stack Overflow XSA-434 CVE-2023-20569 - x86/Intel: Gather Data Sampling XSA-435 CVE-2022-40982 - arm: Guests can trigger a deadlock on Cortex-A77 XSA-436 CVE-2023-34320 * Note that the following XSA are not listed, because... - XSA-432 has patches for the Linux kernel. Checksums-Sha1: 33783409f02961684dfe99d716d2ea0c46a775ea 4362 xen_4.17.2-1.dsc 85b3e06f6f688ebf187359a228d1ff06d0694e59 4665484 xen_4.17.2.orig.tar.xz f2832893f12637f3cd10a5b07092c48052119289 136680 xen_4.17.2-1.debian.tar.xz Checksums-Sha256: c46b0bbb11fba45d4cf1f37ad90f35e242809394b04455b4842467284c2f15bc 4362 xen_4.17.2-1.dsc 58e5f47cfc57e74e890ee0d502ee34ed76cecedd7a7303f66c8855b1c971c32b 4665484 xen_4.17.2.orig.tar.xz 3e0ca3a8c470722ce41482b605df0a7abaaabccc57a40fd96dc693e6be16608d 136680 xen_4.17.2-1.debian.tar.xz Files: 851315a0dd4af98e830bbb8b99305f8c 4362 admin optional xen_4.17.2-1.dsc 0891e2e77f5f2c6052c7bae4d7243c3d 4665484 admin optional xen_4.17.2.orig.tar.xz 8d17d02fcc5af0a34a902a519a86fb93 136680 admin optional xen_4.17.2-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmTiJQ0ACgkQssHfcmNh X2xcrRAAnT9hRBrZZurPAaBtMviZk+wiaCPu+YkmBQWn8gxynjsz/NdT/Xes/I9F tI7zUYWgbRzdEOylOgaJQuFskn6Q0IeSzrADxkPHJEoYOD8kd9s4lZ2HcseDHrtd PnhkNd2pFnXm4LzD0mkg6NmAvfcmsLvVqU/D+zCsVyJgOl3IOniGkVqrLu3FjWQL iNqtS8m/7CY3gspGGI5ePK8IMYt+RWv9bZ91vsxNhssDvVgvmVKmsBDUeXLPHc4z Tl8e903jGbGCgw0yConkyW3ZFev8jE0XjTqMtSQPqzyJklNCWyoILzLNfauN8lOm RfWM5ZJHLDdin5z4G6H4L3CBjzqEoyc9wTCpSkJHVqxKMYnifq6JL79zZLC42qBp tiwib96dRLhW3nbWqMg4o63uUamG+2fL7HxBT9UvFC7h2hIhdTx7QU1DvB5Yz+Sh uWLxjqOUG2V7nuqhxXlD9tuK0Eezr8lIuTLKFie1gEBBfD4rc2EonwfNrNtt6h2u M6LyONCUhn1ffJfrhdzyWaNt53Wu9gDMpGm8esCTqjJzntSHWNr/FjrslRyI8jPi jwipc4BAunjWIg1wMVRMp6qnsEIG/sKNQkV3rUGD+FhtZSAifOlpp3tPZLYKFJuM Qop6eu8PXJywm7EnfeuZsZnKkNMsCbMSfy8uoUNOX3cmvhv6wWo= =9SK1 -----END PGP SIGNATURE-----