Accepted xen 4.11.3+24-g14b62ab3e5-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 08 Jan 2020 12:41:42 +0100
Source: xen
Architecture: source
Version: 4.11.3+24-g14b62ab3e5-1
Distribution: unstable
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans@knorrie.org>
Closes: 947944
Changes:
xen (4.11.3+24-g14b62ab3e5-1) unstable; urgency=high
.
* Update to new upstream version 4.11.3+24-g14b62ab3e5, which also
contains the following security fixes: (Closes: #947944)
- Unlimited Arm Atomics Operations
XSA-295 CVE-2019-17349 CVE-2019-17350
- VCPUOP_initialise DoS
XSA-296 CVE-2019-18420
- missing descriptor table limit checking in x86 PV emulation
XSA-298 CVE-2019-18425
- Issues with restartable PV type change operations
XSA-299 CVE-2019-18421
- add-to-physmap can be abused to DoS Arm hosts
XSA-301 CVE-2019-18423
- passed through PCI devices may corrupt host memory after deassignment
XSA-302 CVE-2019-18424
- ARM: Interrupts are unconditionally unmasked in exception handlers
XSA-303 CVE-2019-18422
- x86: Machine Check Error on Page Size Change DoS
XSA-304 CVE-2018-12207
- TSX Asynchronous Abort speculative side channel
XSA-305 CVE-2019-11135
- Device quarantine for alternate pci assignment methods
XSA-306 CVE-2019-19579
- find_next_bit() issues
XSA-307 CVE-2019-19581 CVE-2019-19582
- VMX: VMentry failure with debug exceptions and blocked states
XSA-308 CVE-2019-19583
- Linear pagetable use / entry miscounts
XSA-309 CVE-2019-19578
- Further issues with restartable PV type change operations
XSA-310 CVE-2019-19580
- Bugs in dynamic height handling for AMD IOMMU pagetables
XSA-311 CVE-2019-19577
* Add missing CVE numbers to previous changelog entries
Checksums-Sha1:
aaafb1b9b82f68a946bfdca0ed03a60c59fc6a3d 4207 xen_4.11.3+24-g14b62ab3e5-1.dsc
0dfed333ead97bfcab82282a89cd152ab1cf4de5 4246660 xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
d774863493a5b6987465c678dc73e7ce4292c97e 133852 xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz
Checksums-Sha256:
7e86e40181c387817575a908ae59f5521ad3f277d69ed9948b76c5bf5efbcb60 4207 xen_4.11.3+24-g14b62ab3e5-1.dsc
2286fbfbf986ea4baaae4cad8b3adab3bbd1a966cb019dd3f59a177b8036d189 4246660 xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
ccedfe97a1aa92d1e8e96cf367462835d51948b3370b8e461413b312277e33f7 133852 xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz
Files:
c852aef3c0ef4a3dd94fda474e9f1d06 4207 admin optional xen_4.11.3+24-g14b62ab3e5-1.dsc
540bbe24beb11abe005a386892b192a5 4246660 admin optional xen_4.11.3+24-g14b62ab3e5.orig.tar.xz
e5997186034b940856614606b59da0d4 133852 admin optional xen_4.11.3+24-g14b62ab3e5-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAl4V/UwACgkQssHfcmNh
X2y0Tw/+PyHRoTaOV4+1KHaDA/B6kN635QvCAvOjEcdUNfPSfTSS4kt7AvHWuH2F
WGiDCi8k6gg5Z6XXCVzxr8ptp8Xmhn1LMYEjL6jfkbnSTPC6aKWyZEG41fUgZaIS
o5QiwhBAthZIBBm+m9ZtHvdHVXwIzR6Off+a8ONjFVyNQDAjXOGRcWjoguu9GS7l
u7W6/zj2nyznT0yC41a2WwRBCtKFSaXl9wJN/9RqtTli7o57V00+cLNsctUaN7SF
2eBksuLWTSLmApU+zvo4+/eWQHozfhp1rfxz+v87OY4SvO1ZbgAw7BWjxUHS/TBf
jvV6aOSj7lxZ3xgosSTKVgRPPioNQ41liteouF2tau3ML6PVEuNH6Mp69Qh96JIR
/2uA9YydFHC27/2zW9EyucdBcn917kHAQzlRdZ/UWa43xBo/o6hxrnqLif3zmeYw
rHffh7sjvLFBj6qrJRj2xot2SojsXXyGCj/8T0FOB5H5/dhHPoY2xArAoxSt28R3
WgzA6Ey7t77rzKpPcQyvujpZUDnuug7OeG4HJ5wuu80paYZ2TxoxNVv00mxBJiCC
ChzzfiH5iYTySQClV4iXVwmsq6sBD2zUDHzFkc8quLSGLp7gTreAbFltaXc1v0Vk
BtdUuzdxzLMSzLedmUwQH422YCSLq5eGEQJcSecObCZXLt94Lm4=
=gGux
-----END PGP SIGNATURE-----