[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4050-1] xen security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4050-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 28, 2017                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 
                 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15592 
                 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15597

Multiple vulnerabilities have been discovered in the Xen hypervisor, which
could result in denial of service, information leaks, privilege escalation
or the execution of arbitrary code.

For the oldstable distribution (jessie) a separate update will be
released.

For the stable distribution (stretch), these problems have been fixed in
version 4.8.2+xsa245-0+deb9u1.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlodvOQACgkQEMKTtsN8
TjYK5BAAuPtJpa3G/+6/wZARyJh3v5ljkm7kZpKK2WTEe4EOC5TgMdkfCDjLTbV9
yCV3gwI5n3ePlnjGDHN3X1KDRbLSaMjt0vbJcrMcIuRFcGixN7Fhj5r+e3M7hmDG
HUZ+a+ifj9jJ3cqXqYm07KfXH7qxyf/NgD4IfH2IEc3BT6qdJihw+fNTt/Q2z3a5
rgeDUIbLof1zVoA0qGUUg2kbmmCQxKyPtBMG7rRLakBidjl4xu/QCT7vKbl0hubp
3ectK5Zypq3kAAn3J/i7K6yclyXoP+nrQwM+euVV44aLcAx8c0ajfwKI5vXf10JG
Km5pL42ZV0RwL6A6FBDu2zN+ZpReWNgA6OBC6t0RNCtPiJAkt8Jd0F8/Leg1iXOq
LB/jqLF3X9qLmlI1VOOThQVsgN1oKzpiP/aELUw+l+iChH4WYuGjiyUVs4D+T9k0
Wlxdgbd3bpG4NYZ4+M6vAit55VRsML8vCM5mhiPaTTz/VwcdEBEMfuZ/Q9ct2EIu
dl04xkcqfN1BqtfB7weQqG9WssiJTO/fphVxbbDaCZWT4pXcmlpy1Ct9ALWXwjjC
PtmwOmR0O6OQs9IrypmztgC0qsM8K5/duZj21ocai4Lnk/HEwXmu4IH7DL85akkJ
3pMQSwVFO3rcJoZIkPreddbCY1Xn9KXWnCsQX9BNd9Mr5GBgASs=
=kwuz
-----END PGP SIGNATURE-----


Reply to: