[SECURITY] [DLA 1270-1] xen security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : xen
Version : 4.1.6.lts1-12
CVE ID : CVE-2016-9603 CVE-2016-9637 CVE-2017-2620
Multiple vulnerabilities have been discovered in the Xen hypervisor, which
could result in privilege escalation.
For Debian 7 "Wheezy", these problems have been fixed in version
4.1.6.lts1-12.
We recommend that you upgrade your xen packages.
Please note that CVE-2017-15590 (XSA-237) will *not* be fixed in wheezy as
the patches are too intrusive to backport.
The vulnerability can be mitigated by not passing through physical devices
to untrusted guests.
More information can be found on https://xenbits.xen.org/xsa/advisory-237.html
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEFkxwUS95KUdnZKtW/iLG/YMTXUUFAlp5oFMACgkQ/iLG/YMT
XUVYhg//af8gqhHof4pV1pVcsxzB6NPbAjiFqRC3RLj6/aN2aJ7dkI/9CxVvkCgz
1FzFCots57gqBaoSZB/Pl7SordOzoAfH+J51hIj7RI7Q8Qr6Hunc9nQdFWvmffba
vDYvPFiWz/+G6hN/S3Ou0UZL897I6GzDLaWzXEpn3KFRX73VdiXCtiTcs1VPgazH
pavxgWNgk2CaGUgfVbyW7ZTovfBEuSwW3gIfBLV6RHnfNrYxKC0w5SStYzZnCSjn
BMXIB5RzzmW6htGP15T5FoVrbYWSD9FPG/4VquOXK34vguATNVkXG2chhvX+cuxu
P7Stk2GrRsamSNLsYgCiB78OSyvOuz2yh/3xG4zuTZHp+9voeKZQ6oN2zcIKEr8K
t5ADjWFBIW+pxyrVYz3/Szms+7m50xWHOLhlJROtH2d8/bmGx6/y6vKJrub+dc3+
Gq10vUHzGKLIyTvzXmgzcknZXfPGH5+1hkM5eIFELkIdeVsA4o4xt75hdTNNi3Tp
IEMr6b1dWbNUuaAmC3gR9vuTTzp11iN0zbLfYhVR1xW8Fgn2j3o6upmOeCogoOBI
l2eEffesEv0fuVimHCs96IiDfbhBnS/ejzJLwpxMOw24wUlBCpkzbb6GbTzDQvgy
FbBSIkDHtXAoqymuw6kpsYQo8mm2FzJfQ3/YjEYhMQapEypR3Sw=
=YdEG
-----END PGP SIGNATURE-----
Reply to: