-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4050-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xen CVE ID : CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15597 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, information leaks, privilege escalation or the execution of arbitrary code. For the oldstable distribution (jessie) a separate update will be released. For the stable distribution (stretch), these problems have been fixed in version 4.8.2+xsa245-0+deb9u1. We recommend that you upgrade your xen packages. For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlodvOQACgkQEMKTtsN8 TjYK5BAAuPtJpa3G/+6/wZARyJh3v5ljkm7kZpKK2WTEe4EOC5TgMdkfCDjLTbV9 yCV3gwI5n3ePlnjGDHN3X1KDRbLSaMjt0vbJcrMcIuRFcGixN7Fhj5r+e3M7hmDG HUZ+a+ifj9jJ3cqXqYm07KfXH7qxyf/NgD4IfH2IEc3BT6qdJihw+fNTt/Q2z3a5 rgeDUIbLof1zVoA0qGUUg2kbmmCQxKyPtBMG7rRLakBidjl4xu/QCT7vKbl0hubp 3ectK5Zypq3kAAn3J/i7K6yclyXoP+nrQwM+euVV44aLcAx8c0ajfwKI5vXf10JG Km5pL42ZV0RwL6A6FBDu2zN+ZpReWNgA6OBC6t0RNCtPiJAkt8Jd0F8/Leg1iXOq LB/jqLF3X9qLmlI1VOOThQVsgN1oKzpiP/aELUw+l+iChH4WYuGjiyUVs4D+T9k0 Wlxdgbd3bpG4NYZ4+M6vAit55VRsML8vCM5mhiPaTTz/VwcdEBEMfuZ/Q9ct2EIu dl04xkcqfN1BqtfB7weQqG9WssiJTO/fphVxbbDaCZWT4pXcmlpy1Ct9ALWXwjjC PtmwOmR0O6OQs9IrypmztgC0qsM8K5/duZj21ocai4Lnk/HEwXmu4IH7DL85akkJ 3pMQSwVFO3rcJoZIkPreddbCY1Xn9KXWnCsQX9BNd9Mr5GBgASs= =kwuz -----END PGP SIGNATURE-----