[Git][security-tracker-team/security-tracker][master] Add fixes for xen via unstable for issues tracked in #947944
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 8 16:35:28 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
54c8319a by Salvatore Bonaccorso at 2020-01-08T17:35:04+01:00
Add fixes for xen via unstable for issues tracked in #947944
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10406,25 +10406,25 @@ CVE-2019-19585 (An issue was discovered in rConfig 3.9.3. The install script upd
CVE-2019-19584
RESERVED
CVE-2019-19583 (An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH gue ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-308.html
CVE-2019-19582 (An issue was discovered in Xen through 4.12.x allowing x86 guest OS us ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-307.html
CVE-2019-19581 (An issue was discovered in Xen through 4.12.x allowing 32-bit Arm gues ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-307.html
CVE-2019-19580 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-310.html
CVE-2019-19578 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-309.html
CVE-2019-19577 (An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM gue ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-311.html
CVE-2019-19579 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-306.html
CVE-2019-19576 (class.upload.php in verot.net class.upload before 1.0.3 and 2.x before ...)
NOT-FOR-US: K2 extension for Joomla!
@@ -16233,22 +16233,22 @@ CVE-2019-18427
CVE-2019-18426
RESERVED
CVE-2019-18425 (An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-298.html
CVE-2019-18424 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-302.html
CVE-2019-18423 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-301.html
CVE-2019-18422 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-303.html
CVE-2019-18421 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-299.html
CVE-2019-18420 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://xenbits.xen.org/xsa/advisory-296.html
CVE-2019-18419 (A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB ...)
NOT-FOR-US: ClonOS
@@ -39062,7 +39062,7 @@ CVE-2019-11135 (TSX Asynchronous Abort condition on some CPUs utilizing speculat
{DSA-4565-1 DSA-4564-1 DLA-2051-1 DLA-1990-1 DLA-1989-1}
- linux 5.3.9-2
- intel-microcode 3.20191112.1
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
NOTE: https://xenbits.xen.org/xsa/advisory-305.html
NOTE: The 3.20191112.1 release for intel-microcode did contain most updates, additional
@@ -89906,7 +89906,7 @@ CVE-2018-12207 (Improper invalidation for page table updates by a virtual guest
{DSA-4564-1 DLA-1990-1}
- linux 5.3.9-2
[jessie] - linux <ignored> (Untrusted guests are no longer supportable)
- - xen <unfixed> (bug #947944)
+ - xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0
NOTE: https://xenbits.xen.org/xsa/advisory-304.html
CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist Technol ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/54c8319a98d36a78953fd602251b0d18c0a89575
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/54c8319a98d36a78953fd602251b0d18c0a89575
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200108/2fd18161/attachment.html>
More information about the debian-security-tracker-commits
mailing list