1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3847-1] xen security update

    From Moritz Muehlenhoff@1:229/2 to All on Tue May 9 23:00:01 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3847-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    May 09, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xen
    CVE ID : CVE-2016-9932 CVE-2016-10013 CVE-2016-10024
    CVE-2017-7228

    Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host
    breakout, denial of service or information leaks.

    In additional to the CVE identifiers listed above, this update also
    addresses the vulnerabilities announced as XSA-213, XSA-214 and XSA-215.

    For the stable distribution (jessie), these problems have been fixed in
    version 4.4.1-9+deb8u9.

    For the upcoming stable distribution (stretch), these problems have been
    fixed in version 4.8.1-1+deb9u1.

    For the unstable distribution (sid), these problems have been fixed in
    version 4.8.1-1+deb9u1.

    We recommend that you upgrade your xen packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIyBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlkSK5gACgkQEMKTtsN8 TjZA3w/1Eyg3QujmonzCNvLY6wBnA8B7yHCy3XrN5ITga6b+saOlhJVE3mtFkdOR uHNSlOaoD+eemIKLnUYuBk3AmKL/dDDhirhIGHmbcv64rneEJXWBPYdP/R7RcKvE 5qJLT7v6JPuSVRp+2IzaRDTLZX3iacN+WJCmJhRtZijpgrB+5aYu9XoV/b7OGUcj GZlZDn9orau5/fFKSvfNTNSauPpPjNizWofPcjbWshLYiH9iNht+d4FdbaG4sN01 vyxMcueLOkQKG2EAhQk7dUyDo9OHm6qd851ryIEVuUkT0uT2bB0+TmofJ32ng60Q qd/g4UwDXQ2RKeaTih5c9ZDjLqiyPPw4Dj3JAi+hJPsZNivUxPM8B0VhpYmFZWKA jErwBQ1JEpo1/Q7MFxIrMeTu5hiLqlD9Yj1MU1L0u+q1FysVA+U/cTMsRpM9vUlF DXohvxr/Jsi/lJQNSdXTQTQL61GsPj/bMSDWNB+FcYvQFvLiVM/+fmoBGGfLWfOQ eylemhkven7sOPkHDdDs4qZ17BFuc1ZVtmJCsd1J9KOlzb8dlaPrjUlUD2OJ89Q3 JaU05Sw0qbcO9vNfMkAIanyE8o1JzuRLLwWD58ZRxJPmlv5SUoL4bnSy5dypgWBa hmr6ufXgmJv0IC8tw6vQ5Urh+MNBnSbnDLM6ld4j+cmk6DrDxA==
    =CI1R
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)