Pkg xen devel - Aug 2024 - xen_4.17.5-1~deb12u1_source.changes ACCEPTED into proposed-updates->stable-new

Thank you for your contribution to Debian.

Mapping bookworm to stable.
Mapping stable to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 18 Aug 2024 20:33:38 +0200
Source: xen
Architecture: source
Version: 4.17.5-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Maximilian Engelhardt <maxi at daemonizer.de>
Changes:
 xen (4.17.5-1~deb12u1) bookworm; urgency=medium
 .
   * Update to new upstream version 4.17.5, which also contains
     security fixes for the following issues:
     - x86: shadow stack vs exceptions from emulation stubs
       XSA-451 CVE-2023-46841
     - x86: Register File Data Sampling
       XSA-452 CVE-2023-28746
     - GhostRace: Speculative Race Conditions
       XSA-453 CVE-2024-2193
     - x86 HVM hypercalls may trigger Xen bug check
       XSA-454 CVE-2023-46842
     - x86: Incorrect logic for BTC/SRSO mitigations
       XSA-455 CVE-2024-31142
     - x86: Native Branch History Injection
       XSA-456 CVE-2024-2201
     - double unlock in x86 guest IRQ handling
       XSA-458 CVE-2024-31143
     - error handling in x86 IOMMU identity mapping
       XSA-460 CVE-2024-31145
     - PCI device pass-through with shared resources
       XSA-461 CVE-2024-31146
   * Note that the following XSA are not listed, because...
     - XSA-457 has patches for the Linux kernel.
     - XSA-459 is within Xapi which is not shipped by this package.
Checksums-Sha1:
 59df19759539c56374b42ce7774c5e58a18b024e 4402 xen_4.17.5-1~deb12u1.dsc
 27bb616ab0436e94433f4843afa292030452c2e5 4685768 xen_4.17.5.orig.tar.xz
 36ec604101068228e923d8ae3145702ce109e5d4 137044
xen_4.17.5-1~deb12u1.debian.tar.xz
Checksums-Sha256:
 099b7f18829e9e973011e61bed5aff64fd221d8570be44cb29b655ae1d9a6f0b 4402
xen_4.17.5-1~deb12u1.dsc
 a22ba1954058f2e19ebd2aeb77c4866dd16b416923215b22aea9b40a54b22fa9 4685768
xen_4.17.5.orig.tar.xz
 a37e80e590db534afb227c4f8099930d13e1ba874383b71190e76140232545a9 137044
xen_4.17.5-1~deb12u1.debian.tar.xz
Files:
 b3be0af9a13f1e9edd0a1f798bb567d3 4402 admin optional xen_4.17.5-1~deb12u1.dsc
 991777e862ccdcb9ce29be90e87a9605 4685768 admin optional xen_4.17.5.orig.tar.xz
 ce6f0263702312b83b5a05b68c59c38e 137044 admin optional
xen_4.17.5-1~deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmbLJU4ACgkQssHfcmNh
X2z5vRAAmwOq/sHNN9YZdecr5UUCmOQQgU6fRlySPAbqybxsFL7reKP066B1cJAj
dytZYXbFs9goh5IarKVdp+2rhRgMseQ+fAWtFTwZbhokmNnd4NmbGX775CodslQE
NhqNJwZaq5s+J95CHaiB6UlCuXKqlMoN7Q0yp4Gc4P3WC8H6BKjmqJ6hE3C07PWo
WzqiTjmdUjjuHk2jRRtwp+erXwxjhpEtSwvywufI5YbTBPmWOOV9h0RufvABStuN
5S8Jinwiqb5B6AldQb0HCLlPEm3otG/qnGwMf4FpL9asg9nf9FtS6lXJFdMdyPaL
scQfKV3rcKleDVRHfiX7tzQtfvehJcL7l1kc5UEXzP05VA6If1UkcAZ/+1f2WPHg
XuiIkgvFSVkGj0Rzli8LzkRoGnENaC7znn/KLzWzcvsobfEJw7t13v/7Ghn86bQ9
TIeuiwoNxYiBf+LNcSfI4N8S7Sf7kKMCU5co5/c7IiVhdttEwNnK/9qXyLITuGLw
sOfldnL+P/WsCudTiALf5kxgK/HytwkuXfbG7ipOuQbjvJMlFMZBNW7R1cRyffha
8oVGhOUYw/P+rwL+U1O1a790AiOWPhzcrrb5C227hNRQ2aLoGq7iFjesRj3fjZfX
PdxB//+HLC30FnQb0fyzwBBqTcoI0QhNwQQClxvqsTIRh8D4VpA=sLty
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL:
<http://alioth-lists.debian.net/pipermail/pkg-xen-devel/attachments/20240825/984dd994/attachment.sig>