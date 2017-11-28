-----BEGIN PGP SIGNED MESSAGE-----

Debian Security Advisory DSA-4050-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------



Package : xen

CVE ID : CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319

CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15592

CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15597



Multiple vulnerabilities have been discovered in the Xen hypervisor, which

could result in denial of service, information leaks, privilege escalation

or the execution of arbitrary code.



For the oldstable distribution (jessie) a separate update will be

released.



For the stable distribution (stretch), these problems have been fixed in

version 4.8.2+xsa245-0+deb9u1.



We recommend that you upgrade your xen packages.



For the detailed security status of xen please refer to

its security tracker page at:

https://security-tracker.debian.org/tracker/xen



