[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-28703/xen

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 26 19:27:40 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
288596c1 by Salvatore Bonaccorso at 2021-11-26T20:27:24+01:00
Track fixed version for CVE-2021-28703/xen

Fixed by code cleanup in Xen 4.14, and backported to security-supported
Xen branches as a prerequisite of the fix for XSA-378. 4.14.0-1~exp1 was
the first version in Debian including the fix.

Link: https://xenbits.xen.org/xsa/advisory-387.html

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41245,10 +41245,14 @@ CVE-2021-28704 (PoD operations on misaligned GFNs T[his CNA information record r
 	NOTE: https://xenbits.xen.org/xsa/advisory-388.html
 CVE-2021-28703
 	RESERVED
-	- xen <unfixed>
+	- xen 4.14.0+80-gd101b417b7-1
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-387.html
+	NOTE: Fixed by code cleanup in Xen 4.14, and backported to security-supported Xen branches
+	NOTE: as a prerequisite of the fix for XSA-378. 4.14.0-1~exp1 was the first version in
+	NOTE: Debian including the fix.
+	NOTE: https://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=c65ea16dbcafbe4fe21693b18f8c2a3c5d14600e (4.14.0-rc1)
 CVE-2021-28702 (PCI devices with RMRRs not deassigned correctly Certain PCI devices in ...)
 	- xen <unfixed>
 	[bullseye] - xen <postponed> (Minor issue, fix along with next DSA)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/288596c1fcb82e822a19030188ff6d83f997a0f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/288596c1fcb82e822a19030188ff6d83f997a0f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211126/57ca0008/attachment.htm>

More information about the debian-security-tracker-commits mailing list