[Git][security-tracker-team/security-tracker][master] xen DSA
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Mar 24 19:26:55 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f2bcd41f by Moritz Mühlenhoff at 2023-03-24T20:26:20+01:00
xen DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -93432,7 +93432,6 @@ CVE-2022-23825 (Aliases in the branch predictor may cause some AMD processors to
NOTE: https://www.amd.com/system/files/documents/technical-guidance-for-mitigating-branch-type-confusion.pdf
CVE-2022-23824 (IBPB may not prevent return branch predictions from being specified by ...)
- xen 4.16.2+90-g0d39a6d1ae-1
- [bullseye] - xen <postponed> (Fix along in next DSA)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[24 Mar 2023] DSA-5378-1 xen - security update
+ {CVE-2022-23824 CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 CVE-2022-42334}
+ [bullseye] - xen 4.14.5+94-ge49571868d-1
[23 Mar 2023] DSA-5377-1 chromium - security update
{CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534}
[bullseye] - chromium 111.0.5563.110-1~deb11u1
=====================================
data/dsa-needed.txt
=====================================
@@ -61,8 +61,6 @@ samba
sofia-sip
Maintainer proposed debdiff for review with additional question and sent a followup
--
-xen
---
xrdp
needs some additional clarification, tentatively DSA worthy
maybe upgrade to 0.9.21 within bullseye?
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2bcd41ffcdc985b2e40a8f57a5a000aa4ae3154
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2bcd41ffcdc985b2e40a8f57a5a000aa4ae3154
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230324/e44bd700/attachment.htm>
More information about the debian-security-tracker-commits
mailing list