[Git][security-tracker-team/security-tracker][master] Several xen issues fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Wed Jun 19 16:34:49 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
326a3bac by Salvatore Bonaccorso at 2019-06-19T15:34:16Z
Several xen issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4412,7 +4412,7 @@ CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Unc
 	{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
 	- intel-microcode 3.20190514.1
 	- linux 4.19.37-2
-	- xen <unfixed> (bug #929129)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 	NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -9125,31 +9125,31 @@ CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to ini
 CVE-2019-9577
 	RESERVED
 CVE-2019-XXXX [xen: x86 shadow: Insufficient TLB flushing when using PCID]
-	- xen <unfixed> (bug #929992)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
 	NOTE: https://xenbits.xen.org/xsa/advisory-294.html
 CVE-2019-XXXX [xen: x86: PV kernel context switch corruption]
-	- xen <unfixed> (bug #929999)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
 	NOTE: https://xenbits.xen.org/xsa/advisory-293.html
 CVE-2019-XXXX [xen: x86: insufficient TLB flushing when using PCID]
-	- xen <unfixed> (bug #929993)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
 	NOTE: https://xenbits.xen.org/xsa/advisory-292.html
 CVE-2019-XXXX [xen: x86/PV: page type reference counting issue with failed IOMMU update]
-	- xen <unfixed> (bug #929995)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
 	NOTE: https://xenbits.xen.org/xsa/advisory-291.html
 CVE-2019-XXXX [xen: missing preemption in x86 PV page table unvalidation]
-	- xen <unfixed> (bug #929996)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
 	NOTE: https://xenbits.xen.org/xsa/advisory-290.html
 CVE-2019-XXXX [xen: x86: Inconsistent PV IOMMU discipline]
-	- xen <unfixed> (bug #929994)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
 	NOTE: https://xenbits.xen.org/xsa/advisory-288.html
 CVE-2019-XXXX [xen: x86: steal_page violates page_struct access discipline]
-	- xen <unfixed> (bug #930001)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #930001)
 	NOTE: https://xenbits.xen.org/xsa/advisory-287.html
 CVE-2019-XXXX [xen: race with pass-through device hotplug]
-	- xen <unfixed> (bug #929998)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929998)
 	NOTE: https://xenbits.xen.org/xsa/advisory-285.html
 CVE-2019-XXXX [xen: grant table transfer issues on large hosts]
-	- xen <unfixed> (bug #929991)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
 	NOTE: https://xenbits.xen.org/xsa/advisory-284.html
 CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admi ...)
 	NOT-FOR-US: WordPress plugin blog2social
@@ -53707,7 +53707,7 @@ CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffe
 	{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
 	- intel-microcode 3.20190514.1
 	- linux 4.19.37-2
-	- xen <unfixed> (bug #929129)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 	NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -53722,7 +53722,7 @@ CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS): Load ports o
 	{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
 	- intel-microcode 3.20190514.1
 	- linux 4.19.37-2
-	- xen <unfixed> (bug #929129)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 	NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -53733,7 +53733,7 @@ CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS): Store buf
 	{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
 	- intel-microcode 3.20190514.1
 	- linux 4.19.37-2
-	- xen <unfixed> (bug #929129)
+	- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 	NOTE: https://xenbits.xen.org/xsa/advisory-297.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/326a3bac70feb43319f76e6bb2b67dd4291533ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/326a3bac70feb43319f76e6bb2b67dd4291533ea
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190619/678754ba/attachment.html>

More information about the debian-security-tracker-commits mailing list