Changelog
xen (4.11.1-1) unstable; urgency=medium
* debian/control: Add Homepage, Vcs-Browser and Vcs-Git.
(Closes: #911457)
* grub.d/xen.cfg: fix default entry when using l10n (Closes: #865086)
* debian/rules: Don't exclude the actual pygrub script.
* Update to new upstream version 4.11.1, which also contains:
- Fix: insufficient TLB flushing / improper large page mappings with AMD
IOMMUs
XSA-275 CVE-2018-19961 CVE-2018-19962
- Fix: resource accounting issues in x86 IOREQ server handling
XSA-276 CVE-2018-19963
- Fix: x86: incorrect error handling for guest p2m page removals
XSA-277 CVE-2018-19964
- Fix: x86: Nested VT-x usable even when disabled
XSA-278 CVE-2018-18883
- Fix: x86: DoS from attempting to use INVPCID with a non-canonical
addresses
XSA-279 CVE-2018-19965
- Fix for XSA-240 conflicts with shadow paging
XSA-280 CVE-2018-19966
- Fix: guest use of HLE constructs may lock up host
XSA-282 CVE-2018-19967
* Update version handling patching to put the team mailing list address in
the first hypervisor log line and fix broken other substitutions.
* Disable handle_iptable hook in vif-common script. See #894013 for more
information.
-- Hans van Kranenburg <email address hidden> Wed, 02 Jan 2019 20:59:40 +0100