-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 04 Feb 2024 13:45:17 +0100 Source: xen Architecture: source Version: 4.17.3+10-g091466ba55-1 Distribution: unstable Urgency: medium Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org> Changed-By: Hans van Kranenburg <hans@knorrie.org> Closes: 1062048 Changes: xen (4.17.3+10-g091466ba55-1) unstable; urgency=medium . * Update to new upstream version 4.17.3+10-g091466ba55, which also contains security fixes for the following issues: - arm32: The cache may not be properly cleaned/invalidated (take two) XSA-447 CVE-2023-46837 - pci: phantom functions assigned to incorrect contexts XSA-449 CVE-2023-46839 - VT-d: Failure to quarantine devices in !HVM builds XSA-450 CVE-2023-46840 * Note that the following XSA are not listed, because... - XSA-448 has patches for the Linux kernel. * Compilation with Python 3.12 has been fixed in upstream commit 4000522008 ("Only compile the hypervisor with -Wdeclaration-after-statement") (Closes: #1062048) Checksums-Sha1: 6dc8e1f474a9f2526638c8c48a7ebb638315b862 4482 xen_4.17.3+10-g091466ba55-1.dsc 8c9e98e1cd4b9925a2e599d9cf406f443847a3de 4671096 xen_4.17.3+10-g091466ba55.orig.tar.xz 4e8f5e8551e49b3a9a953393107a1ef900f54ee2 136956 xen_4.17.3+10-g091466ba55-1.debian.tar.xz Checksums-Sha256: 141c97c9fcc01d55802b9e4daabb52f2179858039d488338f4929f241020931b 4482 xen_4.17.3+10-g091466ba55-1.dsc 3d9e9e898972da50456fd885a39e4cbe19b0e0bc028c83edaf0ba7cb2e6128f2 4671096 xen_4.17.3+10-g091466ba55.orig.tar.xz 4e03aa91cec9faa7dea27a0b502efea23aa20450a334b61bac5b50c4a27651f3 136956 xen_4.17.3+10-g091466ba55-1.debian.tar.xz Files: 006ecbeca3d2534690db1ab943a5e61a 4482 admin optional xen_4.17.3+10-g091466ba55-1.dsc b51b55f52b3baf6427ff88de9d122570 4671096 admin optional xen_4.17.3+10-g091466ba55.orig.tar.xz 3577e1a53ddc3485acd1c6f11d433f57 136956 admin optional xen_4.17.3+10-g091466ba55-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmW/lcMACgkQssHfcmNh X2yGCw/8DjKomT6o1BJjbP4BRnz4+08OIHfmwQsZ9Em7Vaz4+N2zgeJ+nbNmMLPP KIKcLMTrtM1yYiD+fg/lArx52h7ZAGn6d4Zf1d2cttNW6UnBkszxOO+z89yi0uNo MdWjG91EOBChIwJ+QdcIk9QMNIiSmKBPws2mFsThk2L/2MONJ+hlBvp0Qao38fuX C+b9s4ByAt3T/+Mrlfxkc2b/EE6ihA6vt2Evq8VzMJZiMoafnq3WSM4pIbzQ7KmK ES4DSx5UJK15WNky2Ah4S8A5jJOGSlEFdAXz+VlJWPS9eQ5nGlczT19leCQDJCfi q/YyJmYcNM44zziBEiZ//RDqH2Dt+XuMj7F0BfNQdAW0fMA3SOaa8i2sVfQhcNUu cvGVqEH+ZAZGoQTzHAYVSBL5gzUrwGy7h7//WNu1H7+7PsjxcHl4UMHSxkflF9+U bHHvp0AYVwc67nSmNGlk6hQ24zqjyeukTCVeR7zdZ/43ec9eXnixUrjW+cmRnDDs kAt+xqCeShOwMkDHsFtspZ4RlyB6vitX4/2xnwDQP+Ecrg++Dh2XchF82hvQHvT6 g/UK0AXHNEVeKrhWhKvWBih9+NrdWgqY4QH4GHMXNGoujSXFXysiaRIGsKlsywty AnRME2CYQySYLVQduLijHmNJJ6d4mbFj0M00hYHsvZ5LIfRbwgs= =Z0Xq -----END PGP SIGNATURE-----