Changelog
xen (4.8.0-1) unstable; urgency=high
* Update to upstream Xen 4.8.0.
Includes the following security fixes:
XSA-201 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
XSA-198 CVE-2016-9379 CVE-2016-9380
XSA-196 CVE-2016-9378 CVE-2016-9377 Closes:#845669
XSA-195 CVE-2016-9383
XSA-194 CVE-2016-9384 Closes:#845667
XSA-193 CVE-2016-9385
XSA-192 CVE-2016-9382
XSA-191 CVE-2016-9386
Includes other bugfixes too:
Closes:#812166, Closes:#818525.
Cherry picks from upstream:
* Security fixes:
XSA-204 CVE-2016-10013 Closes:#848713
XSA-203 CVE-2016-10025
XSA-202 CVE-2016-10024
For completeness, the following XSAs do not apply here:
XSA-197 CVE-2016-9381 Bug is in qemu
XSA-199 CVE-2016-9637 Bug is in qemu
XSA-200 CVE-2016-9932 Xen 4.8 is not affected
* Cherry pick a build failure fix:
"x86/emul: add likely()/unlikely() to test harness"
[ Ian Jackson ]
* Drop -lcrypto search from upstream configure, and from our
Build-Depends. Closes:#844419.
* Change my own email address to my work (Citrix) address. When
uploading, I will swap hats to effectively sponsor my own upload.
[ Ian Campbell ]
* Start a qemu process in dom0 to service the toolstacks loopback disk
attaches. (Closes: #770456)
* Remove correct pidfile when stopping xenconsoled.
* Check that xenstored has actually started before talking to it.
Incorporate a timeout so as not to block boot (Mitigates #737613)
* Correct syntax error in xen-init-list when running with xend
(Closes: #763102)
* Apply SELinux labels to directories created by initscripts. Patch from
Russell Coker. (Closes: #764912)
* Include a reportbug control file to redirect bugs to src:xen for
packages which contain the Xen version in the name. Closes:#796370.
[ Lubomir Host ]
* Fix xen-init-name to not fail looking for a nonexistent 'config'
entry in xl's JSON output. Closes:#818129.
-- Ian Jackson <email address hidden> Thu, 22 Dec 2016 14:51:46 +0000