[Secure-testing-commits] r58408 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Dec 10 05:14:14 UTC 2017 

Author: carnil
Date: 2017-12-10 05:14:14 +0000 (Sun, 10 Dec 2017)
New Revision: 58408

Modified:
   data/CVE/list
Log:
Update xen entries after point release

The xen version in unstable was not updated. As consequence SRM decided
to prop-up the xen source package to unstable and the issues are
source-wise fixed there. No quarantee though xen binary packages are
fully working in unstable.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-09 22:34:39 UTC (rev 58407)
+++ data/CVE/list	2017-12-10 05:14:14 UTC (rev 58408)
@@ -2331,15 +2331,15 @@
 	RESERVED
 CVE-2017-17045 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-247.html
 CVE-2017-17044 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-246.html
 CVE-2017-17046 (An issue was discovered in Xen through 4.9.x on the ARM platform ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-245.html
 CVE-2018-0705
 	RESERVED
@@ -7995,7 +7995,7 @@
 	RESERVED
 CVE-2017-15597 (An issue was discovered in Xen through 4.9.x. Grant copying code made ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-236.html
 CVE-2017-15586
 	RESERVED
@@ -8811,38 +8811,38 @@
 	NOT-FOR-US: Mirasys Video Management System
 CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	[wheezy] - xen <ignored> (minor issue)
 	NOTE: https://xenbits.xen.org/xsa/advisory-244.html
 CVE-2017-15592 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
 	{DSA-4050-1 DLA-1181-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-243.html
 CVE-2017-15593 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
 	{DSA-4050-1 DLA-1181-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-242.html
 CVE-2017-15588 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
 	{DSA-4050-1 DLA-1181-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-241.html
 CVE-2017-15595 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
 	{DSA-4050-1 DLA-1181-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-240.html
 CVE-2017-15589 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
 	{DSA-4050-1 DLA-1181-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-239.html
 CVE-2017-15591 (An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	[jessie] - xen <not-affected> (Only affects 4.5 and later)
 	[wheezy] - xen <not-affected> (Only affects 4.5 and later)
 	NOTE: https://xenbits.xen.org/xsa/advisory-238.html
 CVE-2017-15590 (An issue was discovered in Xen through 4.9.x allowing x86 guest OS ...)
 	{DSA-4050-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-237.html
 CVE-2017-15289 (The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...)
 	- qemu <unfixed> (bug #880832)
@@ -11826,21 +11826,21 @@
 	NOT-FOR-US: Mirasvit Helpdesk MX
 CVE-2017-14319 (A grant unmapping issue was discovered in Xen through 4.9.x. When ...)
 	{DSA-4050-1 DLA-1132-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-234.html
 CVE-2017-14318 (An issue was discovered in Xen 4.5.x through 4.9.x. The function ...)
 	{DSA-4050-1 DLA-1132-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	[jessie] - xen <not-affected> (Only affects 4.5 and later)
 	NOTE: https://xenbits.xen.org/xsa/advisory-232.html
 	NOTE: Wheezy will be affected with the upcoming grant table backport
 CVE-2017-14317 (A domain cleanup issue was discovered in the C xenstore daemon (aka ...)
 	{DSA-4050-1 DLA-1132-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-233.html
 CVE-2017-14316 (A parameter verification issue was discovered in Xen through 4.9.x. The ...)
 	{DSA-4050-1 DLA-1132-1}
-	- xen <unfixed>
+	- xen 4.8.2+xsa245-0+deb9u1
 	NOTE: https://xenbits.xen.org/xsa/advisory-231.html
 CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation ...)
 	NOT-FOR-US: Apple

More information about the Secure-testing-commits mailing list