Changelog
xen (4.14.5+24-g87d90d511c-1) bullseye-security; urgency=medium
* Update to new upstream version 4.14.5+24-g87d90d511c, which also contains
security fixes for the following issues:
for the following issues:
- x86 pv: Race condition in typeref acquisition
XSA-401 CVE-2022-26362
- x86 pv: Insufficient care with non-coherent mappings
XSA-402 CVE-2022-26363 CVE-2022-26364
- x86: MMIO Stale Data vulnerabilities
XSA-404 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
- Retbleed - arbitrary speculative code execution with return instructions
XSA-407 CVE-2022-23816 CVE-2022-23825 CVE-2022-29900
* Note that the following XSA are not listed, because...
- XSA-403 patches are not applied to stable branch lines.
- XSA-405 and XSA-406 have patches for the Linux kernel.
-- Hans van Kranenburg <email address hidden> Wed, 13 Jul 2022 16:28:39 +0200