xen-3.0 (4.0.1-5) stable-security; urgency=low

  A security issue has been discovered that affects some older AMD
  processors. Untrusted 64-bit Xen guests can cause a processor hang.
  Affected processors all predate the AMD SVM extensions for hardware
  virtualization.

  After this update has been applied, Xen will refuses to create DomUs
  by default if it determines it is running on a vulnerable system.
  You may override this default by adding the "allow_unsafe" keyword
  to your hypervisor command line. On systems using the GRUB
  bootloader, you can do this by editing the /etc/default/grub file
  and adding the keyword to the "export GRUB_CMDLINE_XEN=" line.

 -- Bastian Blank <waldi@debian.org>  Mon, 11 Jun 2012 18:10:55 +0000