Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted xen 4.20.2+7-g1badcf5035-1 (source) into unstable
Date: Sat, 29 Nov 2025 11:05:44 +0000
Signed by: Hans van Kranenburg <hans@knorrie.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Nov 2025 00:14:24 +0100
Source: xen
Architecture: source
Version: 4.20.2+7-g1badcf5035-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
Changed-By: Maximilian Engelhardt <maxi@daemonizer.de>
Closes: 1105193 1120075
Changes:
 xen (4.20.2+7-g1badcf5035-1) unstable; urgency=medium
 .
   Significant changes:
   * Update to new upstream version 4.20.2+7-g1badcf5035, which also contains
     security fixes for the following issues:
     (Closes: #1105193) (Closes: #1120075)
     - x86: Indirect Target Selection
       XSA-469 CVE-2024-28956
     - x86: Incorrect stubs exception handling for flags recovery
       XSA-470 CVE-2025-27465
     - x86: Transitive Scheduler Attacks
       XSA-471 CVE-2024-36350 CVE-2024-36357
     - Multiple vulnerabilities in the Viridian interface
       XSA-472 CVE-2025-27466 CVE-2025-58142 CVE-2025-58143
     - Arm issues with page refcounting
       XSA-473 CVE-2025-58144 CVE-2025-58145
     - x86: Incorrect input sanitisation in Viridian hypercalls
       XSA-475 CVE-2025-58147 CVE-2025-58148
     - Incorrect removal of permissions on PCI device unplug
       XSA-476 CVE-2025-58149
   * Note that the following XSA are not listed, because...
     - XSA-468 applies to Windows PV drivers
     - XSA-474 applies to XAPI which is not included in Debian
 .
   Packaging minor fixes and improvements:
   * debian/salsa-ci.yml: adjust for new salsa-ci pipeline
Checksums-Sha1:
 14cb120eabe63c5d06632c8d45383cb4bb605908 4138 xen_4.20.2+7-g1badcf5035-1.dsc
 24bd3f07ebb7c56981501afc2375370c5d571222 4953752 xen_4.20.2+7-g1badcf5035.orig.tar.xz
 d2001f845a38a5cab51a592fc98e32ab9a04c39d 138860 xen_4.20.2+7-g1badcf5035-1.debian.tar.xz
Checksums-Sha256:
 a612f57220cb6f7ecff30386cb20fd9ff21003822d0d44c0ce1b80483d9f5101 4138 xen_4.20.2+7-g1badcf5035-1.dsc
 8476bb9e37fd8f7d7a0e465d43767697258120b1362575110a9c377aca026483 4953752 xen_4.20.2+7-g1badcf5035.orig.tar.xz
 5578b8ace7f4cf1d4d1a06c69423a07671c25dfbe28f9c5b8c2a673e34e171e1 138860 xen_4.20.2+7-g1badcf5035-1.debian.tar.xz
Files:
 ec9f105b92f8fc0a5d1e4441f02252b9 4138 admin optional xen_4.20.2+7-g1badcf5035-1.dsc
 d6ff179cc60c91c5bd2fbf5f04b0012f 4953752 admin optional xen_4.20.2+7-g1badcf5035.orig.tar.xz
 dba9d6f27e92c578018fa5c20d8d1720 138860 admin optional xen_4.20.2+7-g1badcf5035-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmkq0HgACgkQssHfcmNh
X2zXAQ/9HgF3QHyCjQmuSCo3hZuq6LrYQ8q2pcOrLA/YliVtBcnjpffyavWnOT5O
aRMaHBkObzfS35sBEnpnZR8joZgzLra8FS58bMQht/qfrM3W4fWzC8CmyEgOfzZF
yDpk2I5lCuZBZyHsO2mbaU3o3GESMa1NFhnlFEsrhUgYScyomE+NRKE35RThVOl4
Gk/v0OdKQ0M6K+8HqhAc8v5XTMrHIiiN+ork4yQpBonPdRM9isKjTAVEFgVn2vme
rjUuJV1QbnIz+yNNxH8jZhsBbKM9vNGAvquDfbN9zzaG8WtlzgnxO3MkN2Zik1JF
qXpTZpIcY2JqGbt8R+U+oNPI/c2pByrISyklTDvkzZ4BZLhZmULWSP/y1Mc2ZaA5
M5mI/QKuxKYfEbB5NQ2+vpAr1dIqvUF0epBoY8MIL7NYSa14xUcURvMsCsTfVN+Y
Q9Ka8Qo/ZaNT9dl4W7G71L+9VX7wEcMd8EtxHWej9NNBa1NPDQgGea8iXVIBIU5b
4WclMIHKizUC2ht9X5pmNJfMn/h8tvcuKzlFDUSAUmT2MK7We1boxjJpf0nL2/d4
eHYtKwbtEAbghZPbfJ9x2eal4X6UvCvsFX1Jv9eCnB0Lu78LGUtdgjD0ynPo69ZN
YhVCVKKUIPItsNXdTZ6qn43Zbphw+TJpuUpuUFgDgobrdxUHEgQ=
=k25y
-----END PGP SIGNATURE-----
News for package xen
