[Git][security-tracker-team/security-tracker][master] xen DSA

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Dec 26 14:42:32 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e2bb804 by Moritz Mühlenhoff at 2024-12-26T15:40:51+01:00
xen DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -73611,7 +73611,6 @@ CVE-2024-2201 (A cross-privilege Spectre v2 vulnerability allows attackers to by
 	- linux 6.8.9-1
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	NOTE: https://vusec.net/projects/native-bhi
@@ -73633,13 +73632,11 @@ CVE-2024-31144 [Xapi: Metadata injection attack against backup/restore functiona
 CVE-2024-31143 (An optional feature of PCI MSI called "Multiple Message" allows a devi ...)
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	NOTE: https://xenbits.xen.org/xsa/advisory-458.html
 CVE-2024-31142 (Because of a logical error in XSA-407 (Branch Type Confusion), the mit ...)
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-455.html
@@ -82153,7 +82150,6 @@ CVE-2023-28746 (Information exposure through microarchitectural state after tran
 	[bookworm] - linux 6.1.82-1
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html
@@ -82165,7 +82161,6 @@ CVE-2024-2193 (A Speculative Race Condition (SRC) vulnerability that impacts mod
 	- linux <unfixed>
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/03/12/14
@@ -93744,13 +93739,11 @@ CVE-2020-36771 (CloudLinux CageFS 7.1.1-1 or below passes the authentication tok
 CVE-2023-46842 (Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit a ...)
 	[experimental] - xen 4.19.0+14-g0918434e0f-1~exp1
 	- xen 4.19.1-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <not-affected> (Vulnerable code not present)
 	NOTE: https://xenbits.xen.org/xsa/advisory-454.html
 CVE-2023-46841 (Recent x86 CPUs offer functionality named Control-flow Enforcement Tec ...)
 	- xen 4.17.3+36-g54dacb5c02-1
-	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <not-affected> (Vulnerable code not present)
 	NOTE: https://xenbits.xen.org/xsa/advisory-451.html


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Dec 2024] DSA-5836-1 xen - security update
+	{CVE-2023-28746 CVE-2023-46841 CVE-2023-46842 CVE-2024-2193 CVE-2024-2201 CVE-2024-31142 CVE-2024-31143 CVE-2024-31145 CVE-2024-31146 CVE-2024-45817 CVE-2024-45818 CVE-2024-45819}
+	[bookworm] - xen 4.17.5+23-ga4e5191dc0-1
 [25 Dec 2024] DSA-5835-1 webkit2gtk - security update
 	{CVE-2024-54479 CVE-2024-54502 CVE-2024-54505 CVE-2024-54508}
 	[bookworm] - webkit2gtk 2.46.5-1~deb12u1
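
Review bot: The CVE set on the DSA-5836-1 line names twelve CVEs, but the data/CVE/list hunks in this commit drop the `[bookworm] - xen <postponed>` annotation from only seven of them. CVE-2024-31145, CVE-2024-31146, CVE-2024-45817, CVE-2024-45818 and CVE-2024-45819 are not touched anywhere in the diff. Please confirm those five entries carry no leftover bookworm annotation for xen (`<postponed>` or similar) that would now sit beside the 4.17.5+23-ga4e5191dc0-1 fix recorded here.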


=====================================
data/dsa-needed.txt
=====================================
@@ -56,7 +56,5 @@ trafficserver
 --
 wordpress
 --
-xen (jmm)
---
 zabbix
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e2bb804313e8d731d0d2855a4186d338a83b0c8
