Debian Package Tracker

general

source: xen (source, kernel)
version: 4.8.1-1+deb9u1
maintainer: Debian Xen Team (archive) [DMD]
uploaders: Bastian Blank [DMD] – Ian Jackson [DMD] – Guido Trotter [DMD]
arch: all amd64 arm64 armhf i386
std-ver: 3.9.4

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.1.4-3+deb7u9
o-o-sec: 4.1.6.lts1-8
oldstable: 4.4.1-9+deb8u9
old-sec: 4.4.1-9+deb8u9
stable: 4.8.1-1+deb9u1
testing: 4.8.1-1+deb9u1
unstable: 4.8.1-1+deb9u1

versioned links

4.1.4-3+deb7u9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.6.lts1-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.4.1-9+deb8u9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.8.1-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxen-4.8
libxen-dev
libxenstore3.0
xen-hypervisor-4.8-amd64
xen-hypervisor-4.8-arm64
xen-hypervisor-4.8-armhf
xen-system-amd64
xen-system-arm64
xen-system-armhf
xen-utils-4.8
xen-utils-common
xenstore-utils

action needed

16 security issues in sid

high

There are 16 open security issues in sid.

16 important issues:

CVE-2017-10919: Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
CVE-2017-10918: Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVE-2017-10920: The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVE-2017-10921: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVE-2017-10922: The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2017-10923: Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.
CVE-2017-10913: The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
CVE-2017-10912: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
CVE-2017-10915: The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVE-2017-10914: The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
CVE-2017-10917: Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVE-2017-10916: The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
CVE-2017-12135:
CVE-2017-12137:
CVE-2017-12136:

Please fix them.

Created: 2017-06-20 Last update: 2017-08-17 07:26

25 security issues in wheezy

high

There are 25 open security issues in wheezy.

16 important issues:

CVE-2017-10918: Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVE-2017-10920: The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVE-2017-10921: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVE-2017-10922: The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2017-2620:
CVE-2017-10913: The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
CVE-2017-10912: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
CVE-2017-10915: The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVE-2017-10914: The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
CVE-2017-12135:
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
CVE-2016-9603:
CVE-2016-9637: The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
CVE-2017-12137:
CVE-2017-12136:
TEMP-0860565-9E8C4B:

9 issues skipped by the security teams:

CVE-2014-5146: Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149.
CVE-2015-8341: The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.
CVE-2015-3259: Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
CVE-2016-4963: The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
CVE-2016-4962: The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
CVE-2015-2152: Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.
CVE-2014-5149: Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146.
CVE-2015-7311: libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
TEMP-0856229-F1D37C:

Please fix them.

Created: 2015-07-12 Last update: 2017-08-17 07:26

16 security issues in buster

high

There are 16 open security issues in buster.

16 important issues:

CVE-2017-10919: Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
CVE-2017-10918: Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVE-2017-10920: The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVE-2017-10921: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVE-2017-10922: The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2017-10923: Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.
CVE-2017-10913: The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
CVE-2017-10912: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
CVE-2017-10915: The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVE-2017-10914: The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
CVE-2017-10917: Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVE-2017-10916: The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
CVE-2017-12135:
CVE-2017-12137:
CVE-2017-12136:

Please fix them.

Created: 2017-06-20 Last update: 2017-08-17 07:26

20 security issues in jessie

high

There are 20 open security issues in jessie.

13 important issues:

CVE-2017-10919: Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
CVE-2017-10918: Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVE-2017-10920: The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVE-2017-10921: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVE-2017-10922: The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2017-10913: The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
CVE-2017-10912: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
CVE-2017-10915: The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVE-2017-10914: The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
CVE-2017-10917: Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
CVE-2017-12135:
CVE-2017-12137:

7 issues skipped by the security teams:

CVE-2016-9816: Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.
CVE-2016-9817: Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.
CVE-2016-9815: Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
CVE-2016-4963: The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
CVE-2016-9818: Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
TEMP-0856229-F1D37C:
TEMP-0860565-9E8C4B:

Please fix them.

Created: 2015-07-12 Last update: 2017-08-17 07:26

16 security issues in stretch

high

There are 16 open security issues in stretch.

16 important issues:

CVE-2017-10919: Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
CVE-2017-10918: Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVE-2017-10920: The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVE-2017-10921: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVE-2017-10922: The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2017-10923: Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.
CVE-2017-10913: The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
CVE-2017-10912: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
CVE-2017-10915: The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVE-2017-10914: The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
CVE-2017-10917: Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVE-2017-10916: The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
CVE-2017-12135:
CVE-2017-12137:
CVE-2017-12136:

Please fix them.

Created: 2017-06-20 Last update: 2017-08-17 07:26

lintian reports 2 errors and 38 warnings

high

Lintian reports 2 errors and 38 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2017-05-05 Last update: 2017-07-27 07:20

Does not build reproducibly during testing

normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2016-04-06 Last update: 2017-08-21 13:34

4 bugs tagged patch in the BTS

normal

The BTS contains patches fixing 4 bugs, consider including or untagging them.

Created: 2017-08-12 Last update: 2017-08-21 13:12

Build log checks report 2 warnings

low

Build log checks report 2 warnings

Created: 2016-02-10 Last update: 2016-11-08 01:11

Standards version of the package is outdated.

wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 3.9.8 instead of 3.9.4).

Created: 2014-08-10 Last update: 2017-06-01 12:55

news

[rss feed]

[2017-06-01] Accepted xen 4.1.6.lts1-8 (source all amd64) into oldstable (Felix Geyer)
[2017-05-30] Accepted xen 4.1.6.lts1-7 (source all amd64) into oldstable (Felix Geyer)
[2017-05-27] Accepted xen 4.4.1-9+deb8u9 (all i386 source) into proposed-updates->stable-new, proposed-updates (Ian Jackson)
[2017-05-04] xen 4.8.1-1+deb9u1 MIGRATED to testing (Debian testing watch)
[2017-05-02] Accepted xen 4.8.1-1+deb9u1 (source) into unstable (Ian Jackson)
[2017-04-24] xen 4.8.1-1 MIGRATED to testing (Debian testing watch)
[2017-04-21] Accepted xen 4.1.6.lts1-6 (source all amd64) into oldstable (Felix Geyer) (signed by: Ola Lundqvist)
[2017-04-18] Accepted xen 4.8.1-1 (source) into unstable (Ian Jackson)
[2017-02-03] xen 4.8.1~pre.2017.01.23-1 MIGRATED to testing (Debian testing watch)
[2017-01-23] Accepted xen 4.8.1~pre.2017.01.23-1 (all amd64 source) into unstable (Ian Jackson)
[2017-01-13] Accepted xen 4.1.6.lts1-5 (source all amd64) into oldstable (Felix Geyer) (signed by: Guido Günther)
[2017-01-02] xen 4.8.0-1 MIGRATED to testing (Debian testing watch)
[2016-12-22] Accepted xen 4.8.0-1 (all amd64 source) into unstable (Ian Jackson)
[2016-12-14] Accepted xen 4.4.1-9+deb8u8 (all source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2016-11-22] Accepted xen 4.1.6.lts1-4 (source all amd64) into oldstable (Bastian Blank)
[2016-11-17] xen 4.8.0~rc5-1 MIGRATED to testing (Debian testing watch)
[2016-11-11] Accepted xen 4.8.0~rc5-1 (all amd64 source) into unstable (Ian Jackson)
[2016-11-10] xen 4.8.0~rc3-1 MIGRATED to testing (Debian testing watch)
[2016-11-07] Accepted xen 4.8.0~rc3-1 (all amd64 source) into unstable (Ian Jackson)
[2016-11-03] Accepted xen 4.1.6.lts1-3 (source all amd64) into oldstable (Felix Geyer) (signed by: Guido Günther)
[2016-11-01] Accepted xen 4.8.0~rc3-0exp2 (all amd64 source) into experimental (Ian Jackson)
[2016-10-31] Accepted xen 4.8.0~rc3-0exp1 (all amd64 source) into experimental, experimental (Ian Jackson)
[2016-09-09] Accepted xen 4.4.1-9+deb8u7 (all source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2016-09-08] Accepted xen 4.1.6.lts1-2 (source i386 all) into oldstable (Bastian Blank)
[2016-07-30] Accepted xen 4.4.1-9+deb8u6 (source all amd64) into proposed-updates->stable-new, proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2016-07-29] Accepted xen 4.1.6.lts1-1 (source all amd64) into oldstable (Bastian Blank)
[2016-05-16] Accepted xen 4.1.6.1-1+deb7u1 (source all i386) into oldstable (signed by: Brian May)
[2016-04-22] Accepted xen 4.4.1-9+deb8u5 (all source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2016-03-18] Accepted xen 4.4.1-9+deb8u4 (source all amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2016-02-15] xen 4.6.0-1+nmu2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 53 56
RC: 2
I&N: 43 46
M&W: 8
F&P: 0

links

lintian (2, 38)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.8.0-1ubuntu2
51 bugs (10 patches)
patches for 4.8.0-1ubuntu2