-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 18 Jun 2018 16:10:38 +0100 Source: xen Binary: libxen-4.8 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.8 xen-hypervisor-4.8-amd64 xen-system-amd64 xen-hypervisor-4.8-arm64 xen-system-arm64 xen-hypervisor-4.8-armhf xen-system-armhf Architecture: all amd64 source Version: 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8 Distribution: stretch-security Urgency: high Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org> Changed-By: Ian Jackson <ian.jackson@citrix.com> Description: libxen-4.8 - Public libs for Xen libxen-dev - Public headers and libs for Xen libxenstore3.0 - Xenstore communications library for Xen xen-hypervisor-4.8-amd64 - Xen Hypervisor on AMD64 xen-hypervisor-4.8-arm64 - Xen Hypervisor on ARM64 xen-hypervisor-4.8-armhf - Xen Hypervisor on ARMHF xen-system-amd64 - Xen System on AMD64 (meta-package) xen-system-arm64 - Xen System on ARM64 (meta-package) xen-system-armhf - Xen System on ARMHF (meta-package) xen-utils-4.8 - XEN administrative tools xen-utils-common - Xen administrative tools - common files xenstore-utils - Xenstore command line utilities for Xen Changes: xen (4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8) stretch-security; urgency=high . * Update to new upstream version 4.8.3+xsa267+shim4.10.1+xsa267. XSA-267 CVE-2018-3665 . I have actually taken upstream's staging-4.8 CI input branch, which is identical to the CI-tested stable-4.8 except that it also has the XSA-267 patches. There are additional patches in upstream's stable-4.8 branch, beyond what was in the previous Debian stretch security update, which are prerequisites for the XSA-267 patches. . For the shim, I have updated to upstream's staging-4.10, which is identical to the CI-tested stable-4.10q except, again, for XSA-267-related patches. The 4.10.0-comet branch lacks speculation control entirely and has been superseded upstream. Checksums-Sha1: fe581cd1fe6cf2a9f762908680741185d9a06062 3218 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.dsc 5199ed5cf238e2a966daa267e60216a2bd95c3a4 4180172 xen_4.8.3+xsa267+shim4.10.1+xsa267.orig-shim.tar.xz 292d6ede36b6f0ad9a38a85422c80f5996ecdeb8 3918924 xen_4.8.3+xsa267+shim4.10.1+xsa267.orig.tar.xz ee79aa2b2a9214a72b7f12a580ee6c1e718e0b45 57948 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.debian.tar.xz 9cf566a0800bf40c02efa740b35206c7476fa584 1609338 libxen-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb dd93c0dc8ec4ffe61aad97b6cf4d72c38ae729ed 413138 libxen-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 58bd75548c7908c3416c6ea5f4becaa1b88a8c5a 651418 libxen-dev_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb ce09897c1e9963dcdcfc749d68c3cf5db270a821 25252 libxenstore3.0-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb df9288ef13ab82cabe34cdae7bc50575aec7b109 34720 libxenstore3.0_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb c06a846eb691db3f699d77874b2e35f711f258d6 2304142 xen-hypervisor-4.8-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 1c1a07cc594e5f8f051b86f4602eea12c733a542 23694 xen-system-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 825873619eebef1841c0dfd3bfcf1fd7e61f142e 852560 xen-utils-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb d8b61adedb0387fed662806e4296682e3ced15b7 423156 xen-utils-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 8599f9e866984f47ed1f66ecca3d2ed7137b3825 285692 xen-utils-common_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_all.deb d7da7053582eb6651bdb16963fca88dc9ba2e074 12335 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.buildinfo 6055aa112c37645439b43e94d5ab2f3612e9830c 13378 xenstore-utils-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 71943da880d3e3547f7b7f3ae7af30cbbf41e4f5 30422 xenstore-utils_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb Checksums-Sha256: c45f8033521c347220999e45caa152cac43169cf3606444b52ba25e9c7eccc91 3218 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.dsc 3e4cb8aab7e66cd18a382e1339d844e2f478f848013df5b25894de31d633c554 4180172 xen_4.8.3+xsa267+shim4.10.1+xsa267.orig-shim.tar.xz 761430bbf4ca7bd94535c7570b2be8bb7b3dca7a2470234bde855ce0c401e255 3918924 xen_4.8.3+xsa267+shim4.10.1+xsa267.orig.tar.xz ea65392e07c1b75ef881ca41c6c925bb3f2e1509316900abe5a5f7059ac9a8e4 57948 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.debian.tar.xz 1b632d163bbe6dea58e1b1323a8116c161d0b96e60a6b639c4f5e655ccb0b6dc 1609338 libxen-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 01bb05521f7194dc91dfbbbb7cda0c7c01dc4d7586f749425d75c81dd54e0be1 413138 libxen-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 743059e671e936ad3131cbc0dd3e9315095693fdd8f73e867a0b83b47058054d 651418 libxen-dev_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb d129db2fc6ab5ef1427b3682d76d52b8648903034105a63ac3ec19c9ced7b1e4 25252 libxenstore3.0-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 2090fee834f325d695d19b18810d9896adce4810e75ab3bc58dbf17f5c4d34a1 34720 libxenstore3.0_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 869d5cdfbd9d2d996f21cd10e3cbc4c5e211d3db0eb51be7d4f5cad34db2ce17 2304142 xen-hypervisor-4.8-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 530a7601c9a7b1fb9a87fb4a884b2ebf7662088c945b85094051f527bab0de61 23694 xen-system-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 4eaa82489f20fc3ec277380926116c265348436acef0e78e56eecd94d21605fd 852560 xen-utils-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 8fb4fbf64d7ba3e39e14f82ff5ae0c031651d023864328ee385137d0986182fc 423156 xen-utils-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 5fed29a377991c84553f823224edbea5b9311d385f161bfddb4295a77e41fdda 285692 xen-utils-common_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_all.deb 05529e88b574b636b4e4326f478e15c4dbd6662ba77f0c225247e7f1ea5d2316 12335 xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.buildinfo abcaca36f636129f9abb08f480e519e3b49c6147ed6ea8d1e5a844f45ef8b082 13378 xenstore-utils-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb aeb48b547dd883d95c770a0cbb54a7844e0a40f6b4342d1e79d4e63254d63d55 30422 xenstore-utils_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb Files: 3f40355c733ed85e9bb76b7f01a7ed06 3218 kernel optional xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.dsc 6459f765a1a83772a70beaa4546b5d68 4180172 kernel optional xen_4.8.3+xsa267+shim4.10.1+xsa267.orig-shim.tar.xz a7573dd28b0baa3e24424325a67733bb 3918924 kernel optional xen_4.8.3+xsa267+shim4.10.1+xsa267.orig.tar.xz e3ab19e68e8829f7a3c429e118bc62db 57948 kernel optional xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.debian.tar.xz 204d15662c25881ef3fc81efdfa5173a 1609338 debug extra libxen-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 01a23bfe2db9c19c02a99cc0498aed55 413138 libs optional libxen-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 559ed94e7dc08d4c6aea39ea82babba1 651418 libdevel optional libxen-dev_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb b59c688a49eaba3a8176b6a1ca41e2fb 25252 debug extra libxenstore3.0-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb d1b7d75fbb2653bd059a1b3647368232 34720 libs optional libxenstore3.0_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 6736f790e62f84e2dd8504b4ebff2a9c 2304142 kernel optional xen-hypervisor-4.8-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb d27be51598ed4620057c8c997e841b7d 23694 kernel optional xen-system-amd64_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 8fd542084a97a843280f33cda5a4f982 852560 debug extra xen-utils-4.8-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 6dcfe088aaa6b249393d3258c8300571 423156 kernel optional xen-utils-4.8_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb e57c22f1db3ee08387b6d3640d0c45fb 285692 kernel optional xen-utils-common_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_all.deb 99c93508dc59220c8e2f04d396c42150 12335 kernel optional xen_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.buildinfo 833ab8bbc2c99f668ce9a3c79630a390 13378 debug extra xenstore-utils-dbgsym_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb 4a5280cd236fe27829193706cdf20901 30422 admin optional xenstore-utils_4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8_amd64.deb -----BEGIN PGP SIGNATURE----- iQFUBAEBCAA+FiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAlso/wYgHGlqYWNrc29u QGNoaWFyay5ncmVlbmVuZC5vcmcudWsACgkQ4+M5I0i1DTnH1QgArjz1ixKTa7wo Vxe3KhYmH/oQmHDNGwOYT6QSMqiGZ+A+zu5qiZXBrcMLxW85935hBgavoXRAm9WK ggVguftCw1/xQm12lKHko6+DLgnPCdKVwYNXYa0l5Eh5W5QIsY6+6pqdDA8jD0qe Dorm+f4g3xgLKOcEGpNGM2oMLKScB5J8NSjWntho7S58zgxtVZygWFZy48DiqI25 W2YQPVV4npagkuLOLBvxld+XnMw20ENx+F+yr8PzTyNPUXfDPQCYopwwmHtV2kXE SrZ+MevaJBRnL9Wim9x7tDlOuO7wa3noXnJyx4uhZDhSOI3dzzeuzrTsBuzMBXjZ //JYKqNYMw== =+Jvi -----END PGP SIGNATURE-----