[Git][security-tracker-team/security-tracker][master] reference MDS advisory by Intel

Moritz Muehlenhoff jmm at debian.org
Tue May 14 18:26:10 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ddf5dbe by Moritz Muehlenhoff at 2019-05-14T17:25:19Z
reference MDS advisory by Intel
mariadb no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2277,6 +2277,7 @@ CVE-2019-11091 [MDSUM  Microarchitectural Data Sampling Uncacheable Memory]
 	- intel-microcode <unfixed>
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
+	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 CVE-2019-11090
 	RESERVED
 CVE-2019-11089
@@ -12428,7 +12429,8 @@ CVE-2019-7304 (Canonical snapd before version 2.37.1 incorrectly performed socke
 	NOTE: https://bugs.launchpad.net/snapd/+bug/1813365
 	NOTE: Introduced in 2.28, fixed in 2.37.1
 CVE-2019-7303 (A vulnerability in the seccomp filters of Canonical snapd before versi ...)
-	- snapd 2.37.4-1
+	- snapd 2.37.4-1 (low)
+	[stretch] - snapd <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/snapd/+bug/1812973
 CVE-2019-7302
 	RESERVED
@@ -24712,6 +24714,7 @@ CVE-2019-2628 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
 CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mariadb-10.3 <unfixed> (bug #928393)
 	- mariadb-10.1 <removed>
+	[stretch] - mariadb-10.1 <no-dsa> (Minor issue)
 	- mysql-5.7 <unfixed> (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 	NOTE: Fixed in MariaDB: 10.3.15, 10.1.39
@@ -24742,6 +24745,7 @@ CVE-2019-2615 (Vulnerability in the Oracle WebLogic Server component of Oracle F
 CVE-2019-2614 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mariadb-10.3 <unfixed> (bug #928393)
 	- mariadb-10.1 <removed>
+	[stretch] - mariadb-10.1 <no-dsa> (Minor issue)
 	- mysql-5.7 <unfixed> (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 	NOTE: Fixed in MariaDB 10.3.15, 10.1.39
@@ -51167,6 +51171,7 @@ CVE-2018-12130 [MFBDS  Microarchitectural Fill Buffer Data Sampling]
 	- intel-microcode <unfixed>
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
+	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 CVE-2018-12129
 	RESERVED
 CVE-2018-12128
@@ -51176,11 +51181,13 @@ CVE-2018-12127 [MLPDS  Microarchitectural Load Port Data Sampling]
 	- intel-microcode <unfixed>
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
+	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 CVE-2018-12126 [MSBDS  Microarchitectural Store Buffer Data Sampling]
 	RESERVED
 	- intel-microcode <unfixed>
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
+	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
 CVE-2018-12125
 	RESERVED
 CVE-2018-12124



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4ddf5dbe1f5e5a80e70a84e41d00fe5fa6eaa627

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4ddf5dbe1f5e5a80e70a84e41d00fe5fa6eaa627
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190514/c83d5922/attachment.html>

More information about the debian-security-tracker-commits mailing list