[Secure-testing-commits] r46068 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Nov 8 19:56:30 UTC 2016
Author: jmm
Date: 2016-11-08 19:56:30 +0000 (Tue, 08 Nov 2016)
New Revision: 46068
Modified:
data/CVE/list
Log:
xen fixes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-08 19:39:35 UTC (rev 46067)
+++ data/CVE/list 2016-11-08 19:56:30 UTC (rev 46068)
@@ -12933,7 +12933,7 @@
NOTE: Fixed by: https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2
CVE-2016-5242 (The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x ...)
{DSA-3633-1}
- - xen <unfixed>
+ - xen 4.8.0~rc3-1
[wheezy] - xen <not-affected> (arm not supported)
NOTE: http://xenbits.xen.org/xsa/advisory-181.html
CVE-2016-5241
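Review bot: the new "- xen 4.8.0~rc3-1" line for CVE-2016-5242 has no NOTE or bug reference showing how the fixed version was established, and the log message "xen fixes" gives no source either. The description limits the issue to Xen 4.4.x through 4.6.x, so a NOTE naming the upstream release or commit that carries the XSA-181 fix would let a later reader confirm that 4.8.0~rc3-1 is the first fixed upload and not simply the first upload past the affected range.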
@@ -14277,13 +14277,13 @@
[jessie] - onionshare <not-affected> (Vulnerable code not present)
NOTE: Neutralised by kernel hardening (also contrib and non-free not supported)
CVE-2016-4963 (The libxl device-handling in Xen through 4.6.x allows local guest OS ...)
- - xen <unfixed>
+ - xen 4.8.0~rc3-1
[jessie] - xen <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-178.html
CVE-2016-4962 (The libxl device-handling in Xen 4.6.x and earlier allows local OS ...)
{DSA-3633-1}
- - xen <unfixed>
+ - xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-175.html
CVE-2016-4961
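Review bot: with the unstable line for CVE-2016-4963 closed, its "[jessie] - xen <no-dsa> (Minor issue, too intrusive to backport)" line becomes the only open state on that entry, while CVE-2016-4962 directly below, also described as libxl device handling, lists DSA-3633-1. It is worth confirming in the same pass that the no-dsa reasoning for CVE-2016-4963 still holds, and recording the XSA-178 fix commit in a NOTE so the backport question can be revisited without re-deriving it.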
@@ -15690,7 +15690,7 @@
RESERVED
CVE-2016-4480 (The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen ...)
{DSA-3633-1 DLA-571-1}
- - xen <unfixed>
+ - xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4479
RESERVED
@@ -17276,7 +17276,7 @@
NOTE: Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=103f6112f253017d7062cd74d17f4a514ed4485c
CVE-2016-3960 (Integer overflow in the x86 shadow pagetable code in Xen allows local ...)
{DSA-3554-1 DLA-571-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-173.html
CVE-2016-3957
RESERVED
@@ -19268,7 +19268,7 @@
RESERVED
CVE-2016-3159 (The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not ...)
{DSA-3554-1 DLA-571-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
NOTE: CVE-2016-3159 is for the code change which is applicable for later
NOTE: versions only, but which must always be combined with the code change
@@ -19276,7 +19276,7 @@
NOTE: patches the function fpu_fxrstor.
CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly ...)
{DSA-3554-1 DLA-571-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
NOTE: CVE-2016-3158 is for the code change which is required for all
NOTE: versions (but which is sufficient only on Xen 4.3.x, and insufficient
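Review bot: the fixed version on CVE-2016-3158 has to stay identical to the one on CVE-2016-3159 in the preceding hunk, because the NOTE lines say the two code changes "must always be combined". Both are set to 4.8.0~rc3-1 with bug #823620 here, which is consistent; a single NOTE on each entry stating that the version was verified against both halves of XSA-172 would guard against one line being updated without the other later.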
@@ -22328,12 +22328,12 @@
NOT-FOR-US: Eaton Lighting
CVE-2016-2271 (VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows ...)
{DSA-3519-1 DLA-479-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-170.html
CVE-2016-2270 (Xen 4.6.x and earlier allows local guest administrators to cause a ...)
{DSA-3519-1 DLA-479-1}
- - xen <unfixed>
+ - xen 4.8.0~rc3-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-154.html
CVE-2016-2269
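Review bot: the two entries in this hunk end up tagged differently. CVE-2016-2271 keeps "(bug #823620)" on its fixed line, while CVE-2016-2270 has no bug reference, although both list DSA-3519-1 and DLA-479-1 and both now point at the same fixed version. If bug #823620 also tracked CVE-2016-2270, add the reference to that line; if it did not, the difference is correct as it stands but is easy to misread as an omission.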
@@ -25076,12 +25076,12 @@
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
CVE-2016-1571 (The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x ...)
{DSA-3519-1 DLA-479-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-168.html
CVE-2016-1570 (The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, ...)
{DSA-3519-1 DLA-479-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-167.html
CVE-2016-1567 (chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer ...)
@@ -27346,7 +27346,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/6
CVE-2015-8615 (The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 ...)
{DLA-479-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[jessie] - xen <not-affected> (Only affects 4.6)
[wheezy] - xen <not-affected> (Only affects 4.6)
[squeeze] - xen <not-affected> (Only affects 4.6)
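Review bot: the context around the changed line for CVE-2015-8615 looks inconsistent: the entry references {DLA-479-1}, yet the jessie, wheezy and squeeze lines are all "<not-affected> (Only affects 4.6)". Since this edit touches the entry anyway, check whether the DLA reference belongs here, and note that the fixed version only matters for suites that shipped 4.6, which the entry does not currently say.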
@@ -28187,7 +28187,7 @@
NOT-FOR-US: F1BookView
CVE-2015-8555 (Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU ...)
{DSA-3519-1 DLA-479-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-165.html
CVE-2015-8554 (Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using ...)
@@ -28243,7 +28243,7 @@
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
[squeeze] - qemu-kvm <not-affected> (vulnerable code not present)
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-155.html
NOTE: https://git.kernel.org/linus/454d5d882c7e412b840e3c99010fe81a9862f6fb
@@ -30576,7 +30576,7 @@
REJECTED
CVE-2015-8341 (The libxl toolstack library in Xen 4.1.x through 4.6.x does not ...)
{DSA-3519-1}
- - xen <unfixed> (bug #823620)
+ - xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-160.html