[Git][security-tracker-team/security-tracker][master] xen DSA
Moritz Muehlenhoff
jmm at debian.org
Mon Jan 13 22:10:44 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9df07e2a by Moritz Muehlenhoff at 2020-01-13T23:10:10+01:00
xen DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -40778,6 +40778,7 @@ CVE-2019-11135 (TSX Asynchronous Abort condition on some CPUs utilizing speculat
- linux 5.3.9-2
- intel-microcode 3.20191112.1
- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
NOTE: https://xenbits.xen.org/xsa/advisory-305.html
NOTE: The 3.20191112.1 release for intel-microcode did contain most updates, additional
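Review bot: CVE-2019-11135 gains a [stretch] line here but no [buster] line, and the buster side looks incomplete. The unstable fix is recorded as `xen 4.11.3+24-g14b62ab3e5-1`, while data/DSA/list in this same commit ships `4.11.3+24-g14b62ab3e5-1~deb10u1` to buster. In Debian version ordering `~` sorts before the end of the string, so the buster version compares lower than the unstable fixed version and does not satisfy that entry. The CVE is also absent from the DSA-4602-1 brace list, so nothing visible in the commit ties it to the buster upload. If the buster update carries the XSA-305 fix, add `[buster] - xen 4.11.3+24-g14b62ab3e5-1~deb10u1` next to the new stretch line.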
@@ -40873,6 +40874,7 @@ CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Unc
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
@@ -46124,37 +46126,46 @@ CVE-2019-17349 (An issue was discovered in Xen through 4.12.x allowing Arm domU
NOTE: https://xenbits.xen.org/xsa/advisory-295.html
CVE-2019-17348 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <not-affected> (PCID support not backported)
NOTE: https://xenbits.xen.org/xsa/advisory-294.html
CVE-2019-17347 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-293.html
CVE-2019-17346 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <not-affected> (PCID support not backported)
NOTE: https://xenbits.xen.org/xsa/advisory-292.html
CVE-2019-17345 (An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV gu ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <not-affected> (only 4.8 and later affected)
NOTE: https://xenbits.xen.org/xsa/advisory-291.html
CVE-2019-17344 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <not-affected> (Introduced by ignored fix for CVE-2018-3646)
NOTE: https://xenbits.xen.org/xsa/advisory-290.html
CVE-2019-17343 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-288.html
CVE-2019-17342 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #930001)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-287.html
CVE-2019-17341 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #929998)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-285.html
CVE-2019-17340 (An issue was discovered in Xen through 4.11.x allowing x86 guest OS us ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <ignored> (memory leak on huge memory machines)
NOTE: https://xenbits.xen.org/xsa/advisory-284.html
CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admi ...)
@@ -91629,6 +91640,7 @@ CVE-2018-12207 (Improper invalidation for page table updates by a virtual guest
- linux 5.3.9-2
[jessie] - linux <ignored> (Untrusted guests are no longer supportable)
- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0
NOTE: https://xenbits.xen.org/xsa/advisory-304.html
CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist Technol ...)
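Review bot: the CVE-2018-12207 entry has the same missing [buster] annotation as the other entry fixed in `xen 4.11.3+24-g14b62ab3e5-1` (bug #947944). Only `[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12` is added, the CVE is not in the DSA-4602-1 brace list, and the buster version from data/DSA/list (`4.11.3+24-g14b62ab3e5-1~deb10u1`) sorts below the unstable fixed version because of the `~` suffix. Please confirm whether the buster upload includes the XSA-304 fix and, if so, record it with an explicit [buster] line.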
@@ -91810,6 +91822,7 @@ CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffe
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
@@ -91826,6 +91839,7 @@ CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS): Load ports o
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
@@ -91838,6 +91852,7 @@ CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS): Store buf
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[13 Jan 2020] DSA-4602-1 xen - security update
+ {CVE-2019-17349 CVE-2019-17350 CVE-2019-18420 CVE-2019-18421 CVE-2019-18422 CVE-2019-18423 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19582 CVE-2019-19583}
+ [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
+ [buster] - xen 4.11.3+24-g14b62ab3e5-1~deb10u1
[09 Jan 2020] DSA-4601-1 ldm - security update
{CVE-2019-20373}
[stretch] - ldm 2:2.2.18-2+deb9u1
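Review bot: the DSA-4602-1 brace list contains none of the CVE ids that data/CVE/list marks as fixed in the same stretch version in this commit (CVE-2019-17340 through CVE-2019-17348, CVE-2019-11135, CVE-2019-11091, CVE-2018-12207, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Those entries end up with a bare `[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12` line and no cross-reference to the advisory, unlike the `{DLA-1949-1}` tag already present on CVE-2019-17341 to CVE-2019-17343. If the published advisory leaves them out on purpose, a NOTE on the entries or a commit message more specific than `xen DSA` would record why; otherwise add them to the brace list so they are linked to DSA-4602-1.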
=====================================
data/dsa-needed.txt
=====================================
@@ -54,5 +54,3 @@ tiff
--
xcftools (hle)
--
-xen (jmm)
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9df07e2a6412374f1b58af53e67b9e7bf1adc5d0