ubuntu/+source/xen:debian/jessie

Last commit made on 2017-12-09
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/xen
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/xen

Recent commits

37c2665... by Ian Jackson <email address hidden> on 2017-09-05

Import patches-unapplied version 4.4.1-9+deb8u10 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: c51f1b9be10ea208bbd65406f81c154ed482fe75

New changelog entries:
  Security updates, including some very important fixes:
  * XSA-217 CVE-2017-10912
  * XSA-218 CVE-2017-10913 CVE-2017-10914
  * XSA-219 CVE-2017-10915
  * XSA-221 CVE-2017-10917
  * XSA-222 CVE-2017-10918
  * XSA-224 CVE-2017-10919
  * XSA-226 CVE-2017-12135
  * XSA-227 CVE-2017-12137
  * XSA-230 CVE-2017-12855
  * XSA-235 no CVE assigned yet
  Bugfixes:
  * evtchn: don't reuse ports that are still "busy" (for XSA-221 patch)
  FYI, XSAs which remain outstanding because no patch is available.
  * XSA-223: armhf/arm64 guest-induced host crash vulnerability
  FYI, inapplicable XSAs, for which no patch is included:
  * XSA-216: Bugs are in Linux and Qemu, not Xen
  * XSA-220: Xen 4.4 is not vulnerable
  * XSA-225: Xen 4.4 is not vulnerable
  * XSA-228: Xen 4.4 is not vulnerable
  * XSA-229: Bug is in Linux, not Xen

c51f1b9... by Ian Jackson on 2017-05-08

Import patches-unapplied version 4.4.1-9+deb8u9 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 7add29757da309b6f1c7ab75254fbdc143a17fcd

New changelog entries:
  Security updates:
  * XSA-200: Closes:#848081: CVE-2016-9932: x86 emulation operand size
  * XSA-202: CVE-2016-10024: x86 PV guests may be able to mask interrupts
  * XSA-204: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep
  * XSA-212: Closes:#859560: CVE-2017-7228: x86: broken memory_exchange()
  * XSA-213: Closes:#861659: 64bit PV guest breakout
  * XSA-214: Closes:#861660: grant transfer PV privilege escalation
  * XSA-215: Closes:#861662: memory corruption via failsafe callback

7add297... by Salvatore Bonaccorso on 2016-12-03

Import patches-unapplied version 4.4.1-9+deb8u8 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: dcc53929b25f40ed07901fb4d8e2292f06c23ca8

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-7777: CR0.TS and CR0.EM not always honored for x86 HVM guests
  * CVE-2016-9386: x86 null segments not always treated as unusable
    (Closes: #845663)
  * CVE-2016-9382: x86 task switch to VM86 mode mis-handled (Closes: #845664)
  * CVE-2016-9385: x86 segment base write emulation lacking canonical address
    checks (Closes: #845665)
  * CVE-2016-9383: x86 64-bit bit test instruction emulation broken
    (Closes: #845668)
  * CVE-2016-9379, CVE-2016-9380: delimiter injection vulnerabilities in
    pygrub (Closes: #845670)

dcc5392... by Salvatore Bonaccorso on 2016-09-07

Import patches-unapplied version 4.4.1-9+deb8u7 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: c25fdd19340f376ae42b82fed387a4941ea47767

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-7092: x86: Disallow L3 recursive pagetable for 32-bit PV guests
    (XSA-185)
  * CVE-2016-7094: x86 HVM: Overflow of sh_ctxt->seg_reg[] (XSA-187)
  * CVE-2016-7154: use after free in FIFO event channel code (XSA-188)
  * CVE-2015-8338, CVE-2016-4480, CVE-2016-4962
  * CVE-2016-5242, CVE-2016-6258

c25fdd1... by Salvatore Bonaccorso on 2016-04-19

Import patches-unapplied version 4.4.1-9+deb8u5 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 7ae3f55756af351d55b134b0e8819f5c082f4a8f

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-3158, CVE-2016-3159: broken AMD FPU FIP/FDP/FOP leak
    workaround
  * CVE-2016-3960: x86 shadow pagetables: address width overflow

7ae3f55... by Moritz Mühlenhoff <email address hidden> on 2016-03-15

Import patches-unapplied version 4.4.1-9+deb8u4 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 56a02043a11ec3aba9950076bc17dfe450d9bd70

New changelog entries:
  * CVE-2015-8339
  * CVE-2015-8340
  * CVE-2015-8341
  * CVE-2015-8550
  * CVE-2015-8555
  * CVE-2016-1570
  * CVE-2016-1571
  * CVE-2016-2270
  * CVE-2016-2271
  * XSA166

56a0204... by Guido Trotter on 2015-11-25

Import patches-unapplied version 4.4.1-9+deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: dd5399632e5429ce5c71ca47348ed544534c992f

New changelog entries:
  * Fix CVE-2015-3259 (XSA-137)
  * Fix CVE-2015-3340 (XSA-132)
  * Fix CVE-2015-6654 (XSA-141)
  * Fix CVE-2015-7311 (XSA-142)
  * Fix CVE-2015-7812 (XSA-145)
  * Fix CVE-2015-7813 (XSA-146)
  * Fix CVE-2015-7814 (XSA-147)
  * Fix CVE-2015-7969 (XSA-151 and XSA-149)
  * Fix CVE-2015-7970 (XSA-150)
  * Fix CVE-2015-7971 (XSA-152)
  * Fix CVE-2015-7972 (XSA-153)
  * Fix CVE-2015-8104 and CVE-2015-5307 (XSA-156)
  * Non-maintainer upload by the Security Team.
  * Add CVE-2015-7835-xsa148.patch patch.
    CVE-2015-7835: x86: Uncontrolled creation of large page mappings by PV
    guests.

dd53996... by Guido Trotter on 2015-06-10

Import patches-unapplied version 4.4.1-9+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: cf9071c61da98f985f82694cb13e315a3692c04b

New changelog entries:
  * Apply fix for CVE-2015-4163 (XSA 134)
    - gnttab: add missing version check to GNTTABOP_swap_grant_ref handling
      ... avoiding NULL derefs when the version to use wasn't set yet
  * Apply fix for CVE-2015-4164 (XSA 136)
    - x86/traps: loop in the correct direction in compat_iret()

cf9071c... by Bastian Blank on 2015-04-06

Import patches-unapplied version 4.4.1-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 96692e0adfe16abe90529553d2a34790e274d8b1

New changelog entries:
  * Explicitly disable graphics for qemu. (closes: #780975)
    CVE-2015-2152
  * Update fix for insufficient permissions checks on arm.
    CVE-2014-3969
  * Break apart long latenty MMIO operations. (closes: #781620)
    CVE-2015-2752
  * Disallow certain domain control operations. (closes: #781620)
    CVE-2015-2751

96692e0... by Bastian Blank on 2015-03-11

Import patches-unapplied version 4.4.1-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ee30e3dde828663fb10879cca2854d0863cbd2f6

New changelog entries:
  * Fix uninitialized return from wrong-sized reads from system devices.
    CVE-2015-2044
  * Fix hypervisor memory leak in uninitialized structures.
    CVE-2015-2045
  * Fix hypervisor memory corruption in x86 emulation. (closes: #780227)
    CVE-2015-2151