Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3847-1] xen security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3847-1] xen security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3847-1] xen security update
  • Date: Tue, 9 May 2017 22:52:42 +0200
  • List-archive: https://lists.debian.org/msgid-search/20170509205242.7dnxwk4s7edjvjkg AT pisco.westfalen.local
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT inutil.org>
  • Priority: urgent
  • Resent-date: Tue, 9 May 2017 20:53:05 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <baNfmmZ2IeB.A.HCE.xwiEZB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3847-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 09, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2016-9932 CVE-2016-10013 CVE-2016-10024
CVE-2017-7228

Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen
hypervisor, which may lead to privilege escalation, guest-to-host
breakout, denial of service or information leaks.

In additional to the CVE identifiers listed above, this update also
addresses the vulnerabilities announced as XSA-213, XSA-214 and XSA-215.

For the stable distribution (jessie), these problems have been fixed in
version 4.4.1-9+deb8u9.

For the upcoming stable distribution (stretch), these problems have been
fixed in version 4.8.1-1+deb9u1.

For the unstable distribution (sid), these problems have been fixed in
version 4.8.1-1+deb9u1.

We recommend that you upgrade your xen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIyBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlkSK5gACgkQEMKTtsN8
TjZA3w/1Eyg3QujmonzCNvLY6wBnA8B7yHCy3XrN5ITga6b+saOlhJVE3mtFkdOR
uHNSlOaoD+eemIKLnUYuBk3AmKL/dDDhirhIGHmbcv64rneEJXWBPYdP/R7RcKvE
5qJLT7v6JPuSVRp+2IzaRDTLZX3iacN+WJCmJhRtZijpgrB+5aYu9XoV/b7OGUcj
GZlZDn9orau5/fFKSvfNTNSauPpPjNizWofPcjbWshLYiH9iNht+d4FdbaG4sN01
vyxMcueLOkQKG2EAhQk7dUyDo9OHm6qd851ryIEVuUkT0uT2bB0+TmofJ32ng60Q
qd/g4UwDXQ2RKeaTih5c9ZDjLqiyPPw4Dj3JAi+hJPsZNivUxPM8B0VhpYmFZWKA
jErwBQ1JEpo1/Q7MFxIrMeTu5hiLqlD9Yj1MU1L0u+q1FysVA+U/cTMsRpM9vUlF
DXohvxr/Jsi/lJQNSdXTQTQL61GsPj/bMSDWNB+FcYvQFvLiVM/+fmoBGGfLWfOQ
eylemhkven7sOPkHDdDs4qZ17BFuc1ZVtmJCsd1J9KOlzb8dlaPrjUlUD2OJ89Q3
JaU05Sw0qbcO9vNfMkAIanyE8o1JzuRLLwWD58ZRxJPmlv5SUoL4bnSy5dypgWBa
hmr6ufXgmJv0IC8tw6vQ5Urh+MNBnSbnDLM6ld4j+cmk6DrDxA==
=CI1R
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 3847-1] xen security update, Moritz Muehlenhoff, 09.05.2017

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang