Version: 4.3.1

 * CVE-2013-1922 / XSA-48
    qemu-nbd format-guessing due to missing format specification
 * CVE-2013-2007 / XSA-51
    qemu guest agent (qga) insecure file permissions
 * CVE-2013-1442 / XSA-62
    Information leak on AVX and/or LWP capable CPUs
 * CVE-2013-4355 / XSA-63
    Information leaks through I/O instruction emulation
 * CVE-2013-4356 / XSA-64
    Memory accessible by 64-bit PV guests under live migration
 * CVE-2013-4361 / XSA-66
    Information leak through fbld instruction emulation
 * CVE-2013-4368 / XSA-67
    Information leak through outs instruction emulation
 * CVE-2013-4369 / XSA-68
    possible null dereference when parsing vif ratelimiting info
 * CVE-2013-4370 / XSA-69
    misplaced free in ocaml xc_vcpu_getaffinity stub
 * CVE-2013-4371 / XSA-70
    use-after-free in libxl_list_cpupool under memory pressure
 * CVE-2013-4375 / XSA-71
    qemu disk backend (qdisk) resource leak
 * CVE-2013-4416 / XSA-72

diff --git a/xen.spec b/xen.spec
index 179b0fb51ba2b612dd46bbb304e6519605a11fc8..ee87f8f357c8bd9925d19e3dfe7d5147fea38c9e 100644 (file)
--- a/xen.spec
+++ b/xen.spec
@@ -41,12 +41,12 @@
 Summary:       Xen - a virtual machine monitor
 Summary(pl.UTF-8):     Xen - monitor maszyny wirtualnej
 Name:          xen
-Version:       4.3.0
-Release:       3
+Version:       4.3.1
+Release:       1
 License:       GPL v2, interface parts on BSD-like
 Group:         Applications/System
 Source0:       http://bits.xensource.com/oss-xen/release/%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 7b18cfb58f1ac2ce39cf35a1867f0c0a
+# Source0-md5: 7616b8704e1ab89c81f011f0e3703bc8
 # used by stubdoms
 Source10:      %{xen_extfiles_url}/lwip-1.3.0.tar.gz
 # Source10-md5:        36cc57650cffda9a0269493be2a169bb