xen 4.6.5-0ubuntu1 source package in Ubuntu
Changelog
xen (4.6.5-0ubuntu1) xenial; urgency=medium * Rebasing to upstream stable release 4.6.5 (LP: #1671864) https://www.xenproject.org/downloads/xen-archives/xen-46-series.html - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel hosts which support the TSC_ADJUST MSR (LP: #1671760) - Additional security relevant changes: * CVE-2013-2076 / XSA-052 (update) - Information leak on XSAVE/XRSTOR capable AMD CPUs * CVE-2016-7093 / XSA-186 (4.6.3 became vulnerable) - x86: Mishandling of instruction pointer truncation during emulation * XSA-207 - memory leak when destroying guest without PT devices - Replacing the following security fixes with the versions from the stable update: * CVE-2015-7812 / XSA-145 - arm: Host crash when preempting a multicall * CVE-2015-7813 / XSA-146 - arm: various unimplemented hypercalls log without rate limiting * CVE-2015-7814 / XSA-147 - arm: Race between domain destruction and memory allocation decrease * CVE-2015-7835 / XSA-148 - x86: Uncontrolled creation of large page mappings by PV guests * CVE-2015-7969 / XSA-149, XSA-151 - leak of main per-domain vcpu pointer array - x86: leak of per-domain profiling-related vcpu pointer array * CVE-2015-7970 / XSA-150 - x86: Long latency populate-on-demand operation is not preemptible * CVE-2015-7971 / XSA-152 - x86: some pmu and profiling hypercalls log without rate limiting * CVE-2015-7972 / XSA-153 - x86: populate-on-demand balloon size inaccuracy can crash guests * CVE-2016-2270 / XSA-154 - x86: inconsistent cachability flags on guest mappings * CVE-2015-8550 / XSA-155 - paravirtualized drivers incautious about shared memory contents * CVE-2015-5307, CVE-2015-8104 / XSA-156 - x86: CPU lockup during exception delivery * CVE-2015-8338 / XSA-158 - long running memory operations on ARM * CVE-2015-8339, CVE-2015-8340 / XSA-159 XENMEM_exchange error handling issues * CVE-2015-8341 / XSA-160 - libxl leak of pv kernel and initrd on error * CVE-2015-8555 / XSA-165 - information leak in legacy x86 FPU/XMM initialization * XSA-166 - ioreq handling possibly susceptible to multiple read issue * CVE-2016-1570 / XSA-167 - PV superpage functionality missing sanity checks * CVE-2016-1571 / XSA-168 - VMX: intercept issue with INVLPG on non-canonical address * CVE-2015-8615 / XSA-169 - x86: unintentional logging upon guest changing callback method * CVE-2016-2271 / XSA-170 - VMX: guest user mode may crash guest with non-canonical RIP * CVE-2016-3158, CVE-2016-3159 / XSA-172 - broken AMD FPU FIP/FDP/FOP leak workaround * CVE-2016-3960 / XSA-173 - x86 shadow pagetables: address width overflow * CVE-2016-4962 / XSA-175 - Unsanitised guest input in libxl device handling code * CVE-2016-4480 / XSA-176 - x86 software guest page walk PS bit handling flaw * CVE-2016-4963 / XSA-178 - Unsanitised driver domain input in libxl device handling * CVE-2016-5242 / XSA-181 - arm: Host crash caused by VMID exhaustion * CVE-2016-6258 / XSA-182 - x86: Privilege escalation in PV guests * CVE-2016-6259 / XSA-183 - x86: Missing SMAP whitelisting in 32-bit exception / event delivery * CVE-2016-7092 / XSA-185 - x86: Disallow L3 recursive pagetable for 32-bit PV guests * CVE-2016-7094 / XSA-187 - x86 HVM: Overflow of sh_ctxt->seg_reg[] * CVE-2016-7777 / XSA-190 - CR0.TS and CR0.EM not always honored for x86 HVM guests * CVE-2016-9386 / XSA-191 - x86 null segments not always treated as unusable * CVE-2016-9382 / XSA-192 - x86 task switch to VM86 mode mis-handled * CVE-2016-9385 / XSA-193 - x86 segment base write emulation lacking canonical address checks * CVE-2016-9383 / XSA-195 - x86 64-bit bit test instruction emulation broken * CVE-2016-9377, CVE-2016-9378 / XSA-196 - x86 software interrupt injection mis-handled * CVE-2016-9379, CVE-2016-9380 / XSA-198 - delimiter injection vulnerabilities in pygrub * CVE-2016-9932 / XSA-200 - x86 CMPXCHG8B emulation fails to ignore operand size override * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201 - ARM guests may induce host asynchronous abort * CVE-2016-10024 / XSA-202 - x86 PV guests may be able to mask interrupts * CVE-2016-10025 / XSA-203 - x86: missing NULL pointer check in VMFUNC emulation * CVE-2016-10013 / XSA-204 - x86: Mishandling of SYSCALL singlestep during emulation -- Stefan Bader <email address hidden> Tue, 14 Mar 2017 16:08:39 +0100
Upload details
- Uploaded by:
- Stefan Bader
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- amd64 arm64 armhf i386 all
- Section:
- kernel
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| xen_4.6.5.orig.tar.xz | 3.5 MiB | d859fff62afa08076d978851e9d8a8e34c2e301f99139e0feb57545e0674fc6f |
| xen_4.6.5-0ubuntu1.debian.tar.xz | 60.9 KiB | 4e5bbe6859023337d50d1d51d3e3f2e8619e7cfc86262e14deb203fe22872b58 |
| xen_4.6.5-0ubuntu1.dsc | 3.5 KiB | 268f09b9609828b14cd105a429d9e9405f8a64a98b06814d8b7261ae9c2b757f |
Available diffs
Binary packages built by this source
- libxen-4.6: Public libs for Xen
This package contains the shared toolstack libraries for Xen.
- libxen-4.6-dbgsym: debug symbols for package libxen-4.6
This package contains the shared toolstack libraries for Xen.
- libxen-dev: Public headers and libs for Xen
This package contains the public headers and static libraries for Xen.
.
The libxenlight library is intended as a common base for all Xen toolstack
developers. The libxlutil library contains additional helpers which may
be useful to toolstack developers.
.
The libxenstore library allows userspace processes to interact with the
XenStore database. XenStore is a shared database used for interdomain
communication of configuration and status information. It is accessible
to all domains running on the same Xen host. See
http://wiki.xen. org/wiki/ XenStore for more information.
.
The libxenctrl and libxenguest libraries are internal libraries intended
for use by the Xen toolstack and are not intended to be used directly.
Toolstack authors should use libxenlight.
- libxenstore3.0: Xenstore communications library for Xen
This package contains the client library interface to XenStore. .
- libxenstore3.0-dbgsym: debug symbols for package libxenstore3.0
This package contains the client library interface to XenStore. .
- xen-hypervisor-4.4-amd64: Transitional package for upgrade
- xen-hypervisor-4.4-arm64: Transitional package for upgrade
- xen-hypervisor-4.4-armhf: Transitional package for upgrade
- xen-hypervisor-4.5-amd64: Transitional package for upgrade
- xen-hypervisor-4.5-arm64: Transitional package for upgrade
- xen-hypervisor-4.5-armhf: Transitional package for upgrade
- xen-hypervisor-4.6-amd64: Xen Hypervisor on AMD64
The hypervisor is the "core" for XEN itself. It gets booted by the boot
loader and controls cpu and memory, sharing them between your
administrative domain (Domain 0) and the virtual guest systems.
.
In order to boot a XEN system along with this package you also need a
kernel specifically crafted to work as the Domain 0, mediating hardware
access for XEN itself.
- xen-hypervisor-4.6-arm64: Xen Hypervisor on ARM64
The hypervisor is the "core" for XEN itself. It gets booted by the boot
loader and controls cpu and memory, sharing them between your
administrative domain (Domain 0) and the virtual guest systems.
.
In order to boot a XEN system along with this package you also need a
kernel specifically crafted to work as the Domain 0, mediating hardware
access for XEN itself.
- xen-hypervisor-4.6-armhf: Xen Hypervisor on ARMHF
The hypervisor is the "core" for XEN itself. It gets booted by the boot
loader and controls cpu and memory, sharing them between your
administrative domain (Domain 0) and the virtual guest systems.
.
In order to boot a XEN system along with this package you also need a
kernel specifically crafted to work as the Domain 0, mediating hardware
access for XEN itself.
- xen-system-amd64: Xen System on AMD64 (meta-package)
This package depends on the latest Xen hypervisor for use on AMD64 and the
Xen utils.
- xen-system-arm64: Xen System on ARM64 (meta-package)
This package depends on the latest Xen hypervisor for use on ARM64 and the
Xen utils.
- xen-system-armhf: Xen System on ARMHF (meta-package)
This package depends on the latest Xen hypervisor for use on ARMHF and the
Xen utils.
- xen-utils-4.6: XEN administrative tools
The userspace tools to manage a system virtualized through the XEN virtual
machine monitor.
- xen-utils-4.6-dbgsym: debug symbols for package xen-utils-4.6
The userspace tools to manage a system virtualized through the XEN virtual
machine monitor.
- xen-utils-common: Xen administrative tools - common files
The userspace tools to manage a system virtualized through the Xen virtual
machine monitor.
.
This package is only required on the host system (Domain 0) and not on the
virtual guest systems (Domain U).
- xenstore-utils: Xenstore command line utilities for Xen
This package contains command line utilities for interacting with
XenStore.
.
XenStore is a shared database used for interdomain communication of
configuration and status information. It is accessible to all domains
running on the same Xen host. See http://wiki.xen. org/wiki/ XenStore for
more information.
.
In the common case these tools are used by the Xen toolstack running in
domain0 (or a driver domain) however they may also be used in a guest
domain to support local scripting which wants to communicate via XenStore.
- xenstore-utils-dbgsym: debug symbols for package xenstore-utils
This package contains command line utilities for interacting with
XenStore.
.
XenStore is a shared database used for interdomain communication of
configuration and status information. It is accessible to all domains
running on the same Xen host. See http://wiki.xen. org/wiki/ XenStore for
more information.
.
In the common case these tools are used by the Xen toolstack running in
domain0 (or a driver domain) however they may also be used in a guest
domain to support local scripting which wants to communicate via XenStore.
