[Secure-testing-commits] r55669 - in data: . CVE DSA
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Sep 11 22:50:37 UTC 2017
Author: jmm
Date: 2017-09-11 22:50:36 +0000 (Mon, 11 Sep 2017)
New Revision: 55669
Modified:
data/CVE/list
data/DSA/list
data/dsa-needed.txt
Log:
reserve DSA ID for Xen
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-11 21:49:01 UTC (rev 55668)
+++ data/CVE/list 2017-09-11 22:50:36 UTC (rev 55669)
@@ -1,3 +1,8 @@
+CVE-2017-XXXX [XSA 235]
+ - xen <unfixed>
+ [stretch] - xen 4.8.1-1+deb9u3
+ [jessie] - xen 4.4.1-9+deb8u10
+ NOTE: https://xenbits.xen.org/xsa/advisory-235.html
CVE-2017-14311
RESERVED
CVE-2017-14310 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
@@ -5963,6 +5968,7 @@
NOTE: https://xenbits.xen.org/xsa/advisory-227.html
CVE-2017-12136 (Race condition in the grant table code in Xen 4.6.x through 4.9.x ...)
- xen <unfixed>
+ [stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Only affects 4.6 and later)
[wheezy] - xen <not-affected> (Only affects 4.6 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-228.html
@@ -12393,6 +12399,7 @@
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
CVE-2017-10919 (Xen through 4.8.x mishandles virtual interrupt injection, which allows ...)
- xen <unfixed>
+ [jessie] - xen <ignored> (No backport available, limited to arm)
[wheezy] - xen <not-affected> (arm not supported)
NOTE: https://xenbits.xen.org/xsa/advisory-223.html
CVE-2017-10918 (Xen through 4.8.x does not validate memory allocations during certain ...)
@@ -12404,6 +12411,7 @@
NOTE: https://xenbits.xen.org/xsa/advisory-221.html
CVE-2017-10916 (The vCPU context-switch implementation in Xen through 4.8.x improperly ...)
- xen <unfixed>
+ [stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Vulnerable code not present)
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-220.html
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2017-09-11 21:49:01 UTC (rev 55668)
+++ data/DSA/list 2017-09-11 22:50:36 UTC (rev 55669)
@@ -1,3 +1,7 @@
+[12 Sep 2017] DSA-3969-1 xen - security update
+ {CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915 CVE-2017-10917 CVE-2017-10918 CVE-2017-10919 CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 CVE-2017-12135 CVE-2017-12137 CVE-2017-12855}
+ [jessie] - xen 4.4.1-9+deb8u10
+ [stretch] - xen 4.8.1-1+deb9u3
[11 Sep 2017] DSA-3968-1 icedove - security update
{CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807 CVE-2017-7809}
[jessie] - icedove 52.3.0-4~deb8u2
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2017-09-11 21:49:01 UTC (rev 55668)
+++ data/dsa-needed.txt 2017-09-11 22:50:36 UTC (rev 55669)
@@ -95,9 +95,5 @@
2017-05-13: asked balint@ if he wants to prepare an update now
2017-07-28: re-ping balint@
--
-xen (jmm)
- Maintainer prepared updates, but only for stretch-security, needs
- clarification for jessie-security.
---
zendframework/oldstable
--
More information about the Secure-testing-commits
mailing list