[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-27379/xen
Salvatore Bonaccorso
carnil at debian.org
Sun Feb 21 20:13:47 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02ae04e9 by Salvatore Bonaccorso at 2021-02-21T21:13:16+01:00
Update status for CVE-2021-27379/xen
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -295,9 +295,12 @@ CVE-2021-27381
CVE-2021-27380
RESERVED
CVE-2021-27379 (An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM ...)
- - xen <unfixed>
+ - xen 4.14.0+80-gd101b417b7-1
[stretch] - xen <not-affected> (Incomplete fix for CVE-2020-15565 not applied)
NOTE: https://xenbits.xen.org/xsa/advisory-366.html
+ NOTE: Mark first version in 4.14.x which landed in unstable as fixed, though
+ NOTE: the issue more precisely only affects Xen versions up to 4.11 with version
+ NOTE: containing broken backport for XSA-321 / CVE-2020-15565
CVE-2021-27378 (An issue was discovered in the rand_core crate before 0.6.2 for Rust. ...)
- rust-rand-core <unfixed>
NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0023.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02ae04e969d1030371c0e5370dac4e77ee41e524
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02ae04e969d1030371c0e5370dac4e77ee41e524
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210221/af000744/attachment.htm>
More information about the debian-security-tracker-commits
mailing list