-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 05 Sep 2017 18:35:04 +0100 Source: xen Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf Architecture: source i386 all Version: 4.4.1-9+deb8u10 Distribution: jessie-security Urgency: medium Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org> Changed-By: Ian Jackson <ian.jackson@eu.citrix.com> Description: libxen-4.4 - Public libs for Xen libxen-dev - Public headers and libs for Xen libxenstore3.0 - Xenstore communications library for Xen xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64 xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64 xen-hypervisor-4.4-armhf - Xen Hypervisor on ARMHF xen-system-amd64 - Xen System on AMD64 (meta-package) xen-system-arm64 - Xen System on ARM64 (meta-package) xen-system-armhf - Xen System on ARMHF (meta-package) xen-utils-4.4 - XEN administrative tools xen-utils-common - Xen administrative tools - common files xenstore-utils - Xenstore command line utilities for Xen Changes: xen (4.4.1-9+deb8u10) jessie-security; urgency=medium . Security updates, including some very important fixes: * XSA-217 CVE-2017-10912 * XSA-218 CVE-2017-10913 CVE-2017-10914 * XSA-219 CVE-2017-10915 * XSA-221 CVE-2017-10917 * XSA-222 CVE-2017-10918 * XSA-224 CVE-2017-10919 * XSA-226 CVE-2017-12135 * XSA-227 CVE-2017-12137 * XSA-230 CVE-2017-12855 * XSA-235 no CVE assigned yet . Bugfixes: * evtchn: don't reuse ports that are still "busy" (for XSA-221 patch) . FYI, XSAs which remain outstanding because no patch is available. * XSA-223: armhf/arm64 guest-induced host crash vulnerability . FYI, inapplicable XSAs, for which no patch is included: * XSA-216: Bugs are in Linux and Qemu, not Xen * XSA-220: Xen 4.4 is not vulnerable * XSA-225: Xen 4.4 is not vulnerable * XSA-228: Xen 4.4 is not vulnerable * XSA-229: Bug is in Linux, not Xen Checksums-Sha1: 6ae524fe59544eb5c28f1836ccaf5bd2d3e2baaf 2650 xen_4.4.1-9+deb8u10.dsc 9f2a01827687d219da442c38d3f3962752b4a676 136524 xen_4.4.1-9+deb8u10.debian.tar.xz 7388f2edefc09c3a55b87a85f972fb5ed5a29c63 747090 xen-hypervisor-4.4-amd64_4.4.1-9+deb8u10_i386.deb 86333bd493a4811d53f967a4ba1eb209c912ad03 122780 xen-utils-common_4.4.1-9+deb8u10_all.deb b4c2c254cf0f62b55ce66a1906c161fecf54c66e 21452 xen-system-amd64_4.4.1-9+deb8u10_i386.deb 85c0517184e9259b36ba946e7d4ba127e610a956 499260 libxen-dev_4.4.1-9+deb8u10_i386.deb 7caef774cb2f3da322570561a09f3c544b0437ff 33170 libxenstore3.0_4.4.1-9+deb8u10_i386.deb 5a74bebf5b965477fe0cc675bc34c8bbfccde7d5 27728 xenstore-utils_4.4.1-9+deb8u10_i386.deb 64d7d5018a3f376c44f6fa009c3c55fa32cf2a2d 318014 libxen-4.4_4.4.1-9+deb8u10_i386.deb 1766d5ed95fe80acd2d6cb1b6307d3f07fb6bb1c 404656 xen-utils-4.4_4.4.1-9+deb8u10_i386.deb Checksums-Sha256: 9fa9d100d978cbea01bb60a0e865642e82fe26c72b08123935e85f512dacdb6c 2650 xen_4.4.1-9+deb8u10.dsc 3db2d4ed05fd93d6916eafd43d227bf5423e103957f9149b10fea059ecbd8380 136524 xen_4.4.1-9+deb8u10.debian.tar.xz b8877d860ec6fc7940b874513834b5c58596d7a662e996e1083437503ab86d2e 747090 xen-hypervisor-4.4-amd64_4.4.1-9+deb8u10_i386.deb 0eb955fabee25f0f6f97a8b853ea3bfeeb74c53aeb26a54db44d01437dd91bb1 122780 xen-utils-common_4.4.1-9+deb8u10_all.deb 152b5f56aa6b3f32aebf25659bb12a37cd055831fdca00a1f242744290d20e62 21452 xen-system-amd64_4.4.1-9+deb8u10_i386.deb 7755da570ec11ec93fcce6fa4f856e2328f9837515b689bf991d02a3f64e2748 499260 libxen-dev_4.4.1-9+deb8u10_i386.deb 043f6848b083db66ceb6754abaca4d1f72a34922d0c8ec39c515a838b4aacf3c 33170 libxenstore3.0_4.4.1-9+deb8u10_i386.deb 04d2caa82b97aa01f484853d45ef13ceac28e854d3a96e51ddddca9ba20aefa9 27728 xenstore-utils_4.4.1-9+deb8u10_i386.deb b661cc9cbcaabee1617145c11cca1a0dc15ada703079fb622b4105bc132e251c 318014 libxen-4.4_4.4.1-9+deb8u10_i386.deb c6f43f885899af3c555d9b4c34042a22b31de6a44a75624b046e2a0ef35579b5 404656 xen-utils-4.4_4.4.1-9+deb8u10_i386.deb Files: 7d0b6315567fd9005c1834117366d67c 2650 kernel optional xen_4.4.1-9+deb8u10.dsc 6e417d01a5f53756910e1f3659458674 136524 kernel optional xen_4.4.1-9+deb8u10.debian.tar.xz f5b8bd9e1dc7237d48f686b2269b42cd 747090 kernel optional xen-hypervisor-4.4-amd64_4.4.1-9+deb8u10_i386.deb 1d901cf2591cdf97b51459771c72e831 122780 kernel optional xen-utils-common_4.4.1-9+deb8u10_all.deb 601324017106371fea2bdb114eda572a 21452 kernel optional xen-system-amd64_4.4.1-9+deb8u10_i386.deb 6ea2838b3ece73e715307899366ea2ca 499260 libdevel optional libxen-dev_4.4.1-9+deb8u10_i386.deb ae9c3798ca550159b7249fb07bfff98f 33170 libs optional libxenstore3.0_4.4.1-9+deb8u10_i386.deb bd20b18403639819268352ad1eccce40 27728 admin optional xenstore-utils_4.4.1-9+deb8u10_i386.deb 11fdf41ae57fbf6ca79c3d8ce11a1bae 318014 libs optional libxen-4.4_4.4.1-9+deb8u10_i386.deb 12cd55e6b2d9f4af98e21d1664267681 404656 kernel optional xen-utils-4.4_4.4.1-9+deb8u10_i386.deb -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAlmxhKUACgkQ4+M5I0i1 DTny9Qf/S3NFjIwD+ENCr6aRiQpuqCAA6ZgcClNZNbOkb0MIexyLmj2p7FKkeUDi dR2fH3ucrKW1cCwOsFYh82etg3xVPUj8OZcXi+nj/Bh7Mx7zTBv67My7PtxPmLrO a4OGqkfjbKO/o/6y/2MW426HJu/nbIUHIOxnmc3NJ3jcyAF56JTYts1axPVGwc9f xId8dmA1tub9jOoSLioy2tlUNbpzqeW9t/mJgqUroTI5RByr5lSs7PifnrxAp2zm NzVnS1s6nTXt3ljTJWFgz3alZZUmN4eD7S5v4YvQwIkKMjDs3W7FyhE6fnUp0VHA JHV2FIJxL0hMKjsnl7CU4KY5uG3D6Q== =dg8/ -----END PGP SIGNATURE-----