[Git][security-tracker-team/security-tracker][master] Marked quite a few CVEs for xen as EOL.

Ola Lundqvist opal at debian.org
Sun Mar 29 20:09:59 BST 2020 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f67a5ebe by Ola Lundqvist at 2020-03-29T21:09:37+02:00
Marked quite a few CVEs for xen as EOL.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22041,26 +22041,32 @@ CVE-2019-19584
 CVE-2019-19583 (An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH gue ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-308.html
 CVE-2019-19582 (An issue was discovered in Xen through 4.12.x allowing x86 guest OS us ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-307.html
 CVE-2019-19581 (An issue was discovered in Xen through 4.12.x allowing 32-bit Arm gues ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-307.html
 CVE-2019-19580 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-310.html
 CVE-2019-19578 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-309.html
 CVE-2019-19577 (An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM gue ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-311.html
 CVE-2019-19579 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
 	{DSA-4602-1}
@@ -28270,26 +28276,32 @@ CVE-2019-18426 (A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 w
 CVE-2019-18425 (An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-298.html
 CVE-2019-18424 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-302.html
 CVE-2019-18423 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-301.html
 CVE-2019-18422 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-303.html
 CVE-2019-18421 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-299.html
 CVE-2019-18420 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-296.html
 CVE-2019-18419 (A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB  ...)
 	NOT-FOR-US: ClonOS
@@ -51527,6 +51539,7 @@ CVE-2019-11135 (TSX Asynchronous Abort condition on some CPUs utilizing speculat
 	- linux 5.3.9-2
 	- intel-microcode 3.20191112.1
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
 	NOTE: https://xenbits.xen.org/xsa/advisory-305.html
 	NOTE: The 3.20191112.1 release for intel-microcode did contain most updates, additional
@@ -56918,10 +56931,12 @@ CVE-2019-9577
 CVE-2019-17350 (An issue was discovered in Xen through 4.12.x allowing Arm domU attack ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-295.html
 CVE-2019-17349 (An issue was discovered in Xen through 4.12.x allowing Arm domU attack ...)
 	{DSA-4602-1}
 	- xen 4.11.3+24-g14b62ab3e5-1
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-295.html
 CVE-2019-17348 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
@@ -56931,6 +56946,7 @@ CVE-2019-17348 (An issue was discovered in Xen through 4.11.x allowing x86 PV gu
 CVE-2019-17347 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
 	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
+	[jessie] - xen <end-of-life>
 	NOTE: https://xenbits.xen.org/xsa/advisory-293.html
 CVE-2019-17346 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
 	- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
@@ -102456,6 +102472,7 @@ CVE-2018-12207 (Improper invalidation for page table updates by a virtual guest
 	- linux 5.3.9-2
 	[jessie] - linux <ignored> (Untrusted guests are no longer supportable)
 	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+	[jessie] - xen <end-of-life>
 	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0
 	NOTE: https://xenbits.xen.org/xsa/advisory-304.html
 CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist Technol ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f67a5ebee9fe49b5739eb292e0cf2b4a9adf94e7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f67a5ebee9fe49b5739eb292e0cf2b4a9adf94e7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200329/b304e28b/attachment.html>

More information about the debian-security-tracker-commits mailing list