[Pkg-xen-devel] xen_4.17.2+76-ge1f9cb16e2-1~deb12u1_source.changes ACCEPTED into proposed-updates->stable-new

Sat Dec 2 21:58:58 GMT 2023

Thank you for your contribution to Debian.

Mapping bookworm to stable.
Mapping stable to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 Dec 2023 17:58:08 +0100
Source: xen
Architecture: source
Version: 4.17.2+76-ge1f9cb16e2-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Maximilian Engelhardt <maxi at daemonizer.de>
Closes: 1042102 1056928
Changes:
 xen (4.17.2+76-ge1f9cb16e2-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm to address the security issues since
     4.17.1+2-gb773c48e36-1 listed below.
   * d/salsa-ci.yml: Set RELEASE variable to bookworm
 .
 xen (4.17.2+76-ge1f9cb16e2-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2-76-ge1f9cb16e2, which also contains
     security fixes for the following issues: (Closes: #1056928)
     - x86/AMD: mismatch in IOMMU quarantine page table levels
       XSA-445 CVE-2023-46835
     - x86: BTC/SRSO fixes not fully effective
       XSA-446 CVE-2023-46836
 .
 xen (4.17.2+55-g0b56bed864-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2+55-g0b56bed864, which also contains
     security fixes for the following issues:
     - arm32: The cache may not be properly cleaned/invalidated
       XSA-437 CVE-2023-34321
     - top-level shadow reference dropped too early for 64-bit PV guests
       XSA-438 CVE-2023-34322
     - x86/AMD: Divide speculative information leak
       XSA-439 CVE-2023-20588
     - xenstored: A transaction conflict can crash C Xenstored
       XSA-440 CVE-2023-34323
     - x86/AMD: missing IOMMU TLB flushing
       XSA-442 CVE-2023-34326
     - Multiple vulnerabilities in libfsimage disk handling
       XSA-443 CVE-2023-34325
     - x86/AMD: Debug Mask handling
       XSA-444 CVE-2023-34327 CVE-2023-34328
   * Note that the following XSA are not listed, because...
     - XSA-441 has patches for the Linux kernel.
 .
 xen (4.17.2-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2, which also contains
     security fixes for the following issues: (Closes: #1042102)
     - x86/AMD: Zenbleed
       XSA-433 CVE-2023-20593
     - x86/AMD: Speculative Return Stack Overflow
       XSA-434 CVE-2023-20569
     - x86/Intel: Gather Data Sampling
       XSA-435 CVE-2022-40982
     - arm: Guests can trigger a deadlock on Cortex-A77
       XSA-436 CVE-2023-34320
   * Note that the following XSA are not listed, because...
     - XSA-432 has patches for the Linux kernel.
Checksums-Sha1:
 d61e2bbfa98c38898a091711e48cffbe2fbdb467 4522 xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.dsc
 fa5d46e9a5a506de7de24ee592f2e6c92221fa3b 136800 xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.debian.tar.xz
Checksums-Sha256:
 da5ad079ffc53f0d87f701dece3cdf936c3fa8f3dfcd03a7b031bc5e7fe3b1ce 4522 xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.dsc
 30d06e10eb6ad4b2758f02968db1d741669be6bc23b5cbaf828c075ec6a46445 136800 xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.debian.tar.xz
Files:
 8bc5dc13ab2b089af17ccad33a08b8f5 4522 admin optional xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.dsc
 c056b8eb8fcfb43d2fb5609b8e2064d4 136800 admin optional xen_4.17.2+76-ge1f9cb16e2-1~deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmVroNoACgkQssHfcmNh
X2zxrQ/9FEQo6A+p9dulVYdC2I820tkqOj/bM5yG8pRcodHAAiuXJMTDZ9A5XNOk
6xpp2z1qY0/N0XiEEBkFbxK0a7oLSZTUxSouaugBGoeo26ebWqBBkziM784Ae6F5
6YqYGhHLpvB+q1agzb14qcqu4+rvgfuA0awyLRNersD5k1DYB8oM4gSH7GHdkuUh
lxwwdkFXC4vZWEQENDvP6iLaFFXmxe9+q6RZgyuU1s1+Wp1ThBDBQbZfpBFxgv/Q
Pj51o/N00XyKmtwkD1aMeGYhIuCSOjWWqW+RNQYda5Idr+jsiHAupa3UWj+PzihK
nar01GIG1g50SL2JS5YC0wx2TAr1JCNqQxcMhNq1Znrq0FptymoZBQ2u94HT7aco
XbvYciI2YT42VHtzl9icBBow+cSvV+NL228sDfwfYqj5Ixns95xfpGOnv7udSJ5L
IHRNdSUogBQyU+ScwNp+vJgP+GKVKqQn3e1zZOBJTUIafMg/uUqn7YvIfXL3lkPJ
Ki8oR9bvS5bqUOAiKHmC5kQYc5uTsdMlKGTpHPuzqxj64lHGnEUDFNkmfen9W5As
fERsYKmbBzNvCbQfpnHqq/AG5qgnChF/cZnhWIBAW/6YBEA8jWTEsTuqVb8XC5nK
r7LTv0I8NTQbNxIYx5il6SxbBbcbb8mpbLENl1ogxyye+gde9bI=
=XMKi
-----END PGP SIGNATURE-----