Your message dated Sun, 03 Dec 2023 12:32:14 +0000
with message-id <[email protected]>
and subject line Bug#1056928: fixed in xen 4.17.2+76-ge1f9cb16e2-1~deb12u1
has caused the Debian Bug report #1056928,
regarding xen: CVE-2023-46835 CVE-2023-46836
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1056928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056928
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: xen
Version: 4.17.2+55-g0b56bed864-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerabilities were published for xen.

CVE-2023-46835[0]:
| x86/AMD: mismatch in IOMMU quarantine page table levels


CVE-2023-46836[1]:
| x86: BTC/SRSO fixes not fully effective


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46835
    https://www.cve.org/CVERecord?id=CVE-2023-46835
    https://xenbits.xen.org/xsa/advisory-445.html
[1] https://security-tracker.debian.org/tracker/CVE-2023-46836
    https://www.cve.org/CVERecord?id=CVE-2023-46836
    https://xenbits.xen.org/xsa/advisory-446.html

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: xen
Source-Version: 4.17.2+76-ge1f9cb16e2-1~deb12u1
Done: Maximilian Engelhardt <[email protected]>

We believe that the bug you reported is fixed in the latest version of
xen, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Maximilian Engelhardt <[email protected]> (supplier of updated xen package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 Dec 2023 17:58:08 +0100
Source: xen
Architecture: source
Version: 4.17.2+76-ge1f9cb16e2-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Xen Team <[email protected]>
Changed-By: Maximilian Engelhardt <[email protected]>
Closes: 1042102 1056928
Changes:
 xen (4.17.2+76-ge1f9cb16e2-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm to address the security issues since
     4.17.1+2-gb773c48e36-1 listed below.
   * d/salsa-ci.yml: Set RELEASE variable to bookworm
 .
 xen (4.17.2+76-ge1f9cb16e2-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2-76-ge1f9cb16e2, which also contains
     security fixes for the following issues: (Closes: #1056928)
     - x86/AMD: mismatch in IOMMU quarantine page table levels
       XSA-445 CVE-2023-46835
     - x86: BTC/SRSO fixes not fully effective
       XSA-446 CVE-2023-46836
 .
 xen (4.17.2+55-g0b56bed864-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2+55-g0b56bed864, which also contains
     security fixes for the following issues:
     - arm32: The cache may not be properly cleaned/invalidated
       XSA-437 CVE-2023-34321
     - top-level shadow reference dropped too early for 64-bit PV guests
       XSA-438 CVE-2023-34322
     - x86/AMD: Divide speculative information leak
       XSA-439 CVE-2023-20588
     - xenstored: A transaction conflict can crash C Xenstored
       XSA-440 CVE-2023-34323
     - x86/AMD: missing IOMMU TLB flushing
       XSA-442 CVE-2023-34326
     - Multiple vulnerabilities in libfsimage disk handling
       XSA-443 CVE-2023-34325
     - x86/AMD: Debug Mask handling
       XSA-444 CVE-2023-34327 CVE-2023-34328
   * Note that the following XSA are not listed, because...
     - XSA-441 has patches for the Linux kernel.
 .
 xen (4.17.2-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.2, which also contains
     security fixes for the following issues: (Closes: #1042102)
     - x86/AMD: Zenbleed
       XSA-433 CVE-2023-20593
     - x86/AMD: Speculative Return Stack Overflow
       XSA-434 CVE-2023-20569
     - x86/Intel: Gather Data Sampling
       XSA-435 CVE-2022-40982
     - arm: Guests can trigger a deadlock on Cortex-A77
       XSA-436 CVE-2023-34320
   * Note that the following XSA are not listed, because...
     - XSA-432 has patches for the Linux kernel.

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
