Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
326a3bac by Salvatore Bonaccorso at 2019-06-19T15:34:16Z
Several xen issues fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4412,7 +4412,7 @@ CVE-2019-11091 (Microarchitectural Data Sampling
Uncacheable Memory (MDSUM): Unc
{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- - xen <unfixed> (bug #929129)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
NOTE:
https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -9125,31 +9125,31 @@ CVE-2019-9578 (In devs.c in Yubico libu2f-host before
1.1.8, the response to ini
CVE-2019-9577
RESERVED
CVE-2019-XXXX [xen: x86 shadow: Insufficient TLB flushing when using PCID]
- - xen <unfixed> (bug #929992)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
NOTE: https://xenbits.xen.org/xsa/advisory-294.html
CVE-2019-XXXX [xen: x86: PV kernel context switch corruption]
- - xen <unfixed> (bug #929999)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
NOTE: https://xenbits.xen.org/xsa/advisory-293.html
CVE-2019-XXXX [xen: x86: insufficient TLB flushing when using PCID]
- - xen <unfixed> (bug #929993)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
NOTE: https://xenbits.xen.org/xsa/advisory-292.html
CVE-2019-XXXX [xen: x86/PV: page type reference counting issue with failed
IOMMU update]
- - xen <unfixed> (bug #929995)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
NOTE: https://xenbits.xen.org/xsa/advisory-291.html
CVE-2019-XXXX [xen: missing preemption in x86 PV page table unvalidation]
- - xen <unfixed> (bug #929996)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
NOTE: https://xenbits.xen.org/xsa/advisory-290.html
CVE-2019-XXXX [xen: x86: Inconsistent PV IOMMU discipline]
- - xen <unfixed> (bug #929994)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
NOTE: https://xenbits.xen.org/xsa/advisory-288.html
CVE-2019-XXXX [xen: x86: steal_page violates page_struct access discipline]
- - xen <unfixed> (bug #930001)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #930001)
NOTE: https://xenbits.xen.org/xsa/advisory-287.html
CVE-2019-XXXX [xen: race with pass-through device hotplug]
- - xen <unfixed> (bug #929998)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929998)
NOTE: https://xenbits.xen.org/xsa/advisory-285.html
CVE-2019-XXXX [xen: grant table transfer issues on large hosts]
- - xen <unfixed> (bug #929991)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
NOTE: https://xenbits.xen.org/xsa/advisory-284.html
CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows
wp-admin/admi ...)
NOT-FOR-US: WordPress plugin blog2social
@@ -53707,7 +53707,7 @@ CVE-2018-12130 (Microarchitectural Fill Buffer Data
Sampling (MFBDS): Fill buffe
{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- - xen <unfixed> (bug #929129)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
NOTE:
https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -53722,7 +53722,7 @@ CVE-2018-12127 (Microarchitectural Load Port Data
Sampling (MLPDS): Load ports o
{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- - xen <unfixed> (bug #929129)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
NOTE:
https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
NOTE: https://xenbits.xen.org/xsa/advisory-297.html
@@ -53733,7 +53733,7 @@ CVE-2018-12126 (Microarchitectural Store Buffer Data
Sampling (MSBDS): Store buf
{DSA-4447-1 DSA-4444-1 DLA-1799-1 DLA-1789-1 DLA-1787-1}
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- - xen <unfixed> (bug #929129)
+ - xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
NOTE:
https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
NOTE: https://xenbits.xen.org/xsa/advisory-297.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/326a3bac70feb43319f76e6bb2b67dd4291533ea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/326a3bac70feb43319f76e6bb2b67dd4291533ea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
