Xen was updated to fix two security issues:
* CVE-2015-3456: A buffer overflow in the floppy drive emulation,
which could be used to carry out denial of service attacks or
potential code execution against the host. This vulnerability is
also known as VENOM.
* CVE-2015-3340: An information leak through XEN_DOMCTL_gettscinfo().
(XSA-132)
Security Issues:
* CVE-2015-3456
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456</a>>
* CVE-2015-3340
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340</a>>