[Git][security-tracker-team/security-tracker][master] xen fixed in sid / spu

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Feb 4 18:24:08 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8981f534 by Moritz Muehlenhoff at 2024-02-04T19:23:34+01:00
xen fixed in sid / spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2386,13 +2386,13 @@ CVE-2020-36772 (CloudLinux  CageFS 7.0.8-2 or below insufficiently restricts fil
 CVE-2020-36771 (CloudLinux  CageFS 7.1.1-1 or below passes the authentication token as ...)
 	NOT-FOR-US: CloudLinux CageFS
 CVE-2023-46840 [VT-d: Failure to quarantine devices in !HVM builds]
-	- xen <unfixed>
+	- xen 4.17.3+10-g091466ba55-1
 	[bookworm] - xen <postponed> (Fix along in next update)
 	[bullseye] - xen <not-affected> (Vulnerable code not present)
 	[buster] - xen <not-affected> (Vulnerable code not present)
 	NOTE: https://xenbits.xen.org/xsa/advisory-450.html
 CVE-2023-46839 [pci: phantom functions assigned to incorrect contexts]
-	- xen <unfixed>
+	- xen 4.17.3+10-g091466ba55-1
 	[bookworm] - xen <postponed> (Fix along in next update)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)
@@ -21319,7 +21319,7 @@ CVE-2023-34324 (Closing of an event channel in the Linux kernel can result in a
 	NOTE: https://xenbits.xen.org/xsa/advisory-441.html
 	NOTE: https://git.kernel.org/linus/87797fad6cce28ec9be3c13f031776ff4f104cfc (6.6-rc6)
 CVE-2023-46837 (Arm provides multiple helpers to clean & invalidate the cache for a gi ...)
-	- xen <unfixed>
+	- xen 4.17.3+10-g091466ba55-1
 	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
 	[buster] - xen <end-of-life> (DSA 4677-1)


=====================================
data/next-point-update.txt
=====================================
@@ -134,3 +134,9 @@ CVE-2024-22705
 	[bookworm] - linux 6.1.76-1
 CVE-2024-23849
 	[bookworm] - linux 6.1.76-1
+CVE-2023-46837
+	[bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
+CVE-2023-46840
+	[bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
+CVE-2023-46839
+	[bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8981f534d574354c6e1da56566d3f5de567e5b85

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8981f534d574354c6e1da56566d3f5de567e5b85
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240204/51c90494/attachment.htm>

More information about the debian-security-tracker-commits mailing list