[Git][security-tracker-team/security-tracker][master] Ignore more xen issues for jessie

Bastian Blank waldi at debian.org
Mon Sep 30 12:52:10 BST 2019 


Bastian Blank pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0237eabe by Bastian Blank at 2019-09-30T11:51:32Z
Ignore more xen issues for jessie

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22718,18 +22718,22 @@ CVE-2019-9577
 	RESERVED
 CVE-2019-XXXX [xen: x86 shadow: Insufficient TLB flushing when using PCID]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
+	[jessie] - xen <not-affected> (PCID support not backported)
 	NOTE: https://xenbits.xen.org/xsa/advisory-294.html
 CVE-2019-XXXX [xen: x86: PV kernel context switch corruption]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
 	NOTE: https://xenbits.xen.org/xsa/advisory-293.html
 CVE-2019-XXXX [xen: x86: insufficient TLB flushing when using PCID]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
+	[jessie] - xen <not-affected> (PCID support not backported)
 	NOTE: https://xenbits.xen.org/xsa/advisory-292.html
 CVE-2019-XXXX [xen: x86/PV: page type reference counting issue with failed IOMMU update]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
+	[jessie] - xen <not-affected> (only 4.8 and later affected)
 	NOTE: https://xenbits.xen.org/xsa/advisory-291.html
 CVE-2019-XXXX [xen: missing preemption in x86 PV page table unvalidation]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
+	[jessie] - xen <not-affected> (Introduced by ignored fix for CVE-2018-3646)
 	NOTE: https://xenbits.xen.org/xsa/advisory-290.html
 CVE-2019-XXXX [xen: x86: Inconsistent PV IOMMU discipline]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
@@ -22742,6 +22746,7 @@ CVE-2019-XXXX [xen: race with pass-through device hotplug]
 	NOTE: https://xenbits.xen.org/xsa/advisory-285.html
 CVE-2019-XXXX [xen: grant table transfer issues on large hosts]
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
+	[jessie] - xen <ignored> (memory leak on huge memory machines)
 	NOTE: https://xenbits.xen.org/xsa/advisory-284.html
 CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admi ...)
 	NOT-FOR-US: WordPress plugin blog2social



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0237eabe8bf8d28235eef0c45d0b4828260226fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0237eabe8bf8d28235eef0c45d0b4828260226fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190930/1f988589/attachment.html>

More information about the debian-security-tracker-commits mailing list