Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
56135ce2 by Salvatore Bonaccorso at 2019-09-25T07:54:33Z
Keep style of grouping source package entries, rearrange entries
Please do keep the stile and group entries via source packages.
- - - - -
1545a1b8 by Salvatore Bonaccorso at 2019-09-25T07:55:14Z
Remove doubled added information
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47795,8 +47795,8 @@ CVE-2018-19966 (An issue was discovered in Xen through
4.11.x allowing x86 PV gu
CVE-2018-19965 (An issue was discovered in Xen through 4.11.x allowing 64-bit
PV guest ...)
{DSA-4369-1}
- xen 4.11.1-1
- NOTE: https://xenbits.xen.org/xsa/advisory-279.txt
[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
+ NOTE: https://xenbits.xen.org/xsa/advisory-279.txt
CVE-2018-19964 (An issue was discovered in Xen 4.11.x allowing x86 guest OS
users to c ...)
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.11)
@@ -91112,11 +91112,11 @@ CVE-2018-3665 (System software utilizing Lazy FP
state restore technique on syst
{DSA-4232-1 DLA-1422-1}
- linux 4.6.1-1
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8
+ [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
NOTE: https://xenbits.xen.org/xsa/advisory-267.html
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
NOTE: Default eagerfpu=on on all CPUs:
https://git.kernel.org/linus/58122bf1d856a4ea9581d62a07c557d997d46a19
NOTE: Hard-disable lazy FPU mode:
https://git.kernel.org/linus/ca6938a1cd8a1c5e861a99b67f84ac166fc2b9e7
- [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
CVE-2018-3664
RESERVED
CVE-2018-3663 (Escalation of privilege in Intel Saffron MemoryBase before 11.4
allows ...)
@@ -91158,6 +91158,7 @@ CVE-2018-3646 (Systems with microprocessors utilizing
speculative execution and
- linux 4.17.15-1
[jessie] - linux <ignored> (Too invasive and risky to apply)
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
+ [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
- intel-microcode 3.20180703.1
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
NOTE: https://foreshadowattack.eu/
@@ -91166,7 +91167,6 @@ CVE-2018-3646 (Systems with microprocessors utilizing
speculative execution and
NOTE: Updates were already shipped with 20180703 release, but only
disclosed later, see #906158
NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
- [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
CVE-2018-3645 (Escalation of privilege in all versions of the Intel Remote
Keyboard a ...)
NOT-FOR-US: Intel
CVE-2018-3644
@@ -91192,6 +91192,7 @@ CVE-2018-3639 (Systems with microprocessors utilizing
speculative execution and
[stretch] - linux 4.9.107-1
[wheezy] - linux <ignored> (Too much work to backport)
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7
+ [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
NOTE: https://xenbits.xen.org/xsa/advisory-263.html
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
@@ -91202,7 +91203,6 @@ CVE-2018-3639 (Systems with microprocessors utilizing
speculative execution and
NOTE:
https://git.qemu.org/?p=qemu.git;a=commit;h=d19d1f965904a533998739698020ff4ee8a103da
NOTE:
https://git.qemu.org/?p=qemu.git;a=commit;h=cfeea0c021db6234c154dbc723730e81553924ff
NOTE:
https://git.qemu.org/?p=qemu.git;a=commit;h=403503b162ffc33fb64cfefdf7b880acf41772cd
- [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote
Keyboard a ...)
NOT-FOR-US: Intel
CVE-2018-3637
@@ -91246,6 +91246,7 @@ CVE-2018-3620 (Systems with microprocessors utilizing
speculative execution and
{DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
+ [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
- intel-microcode 3.20180703.1
NOTE: Updates were already shipped with 20180703 release, but only
disclosed later, see #906158
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
@@ -91254,7 +91255,6 @@ CVE-2018-3620 (Systems with microprocessors utilizing
speculative execution and
NOTE: https://xenbits.xen.org/xsa/advisory-273.html
NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
- [jessie] - xen <ignored> (Depends on fix for CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754)
CVE-2018-3619 (Information disclosure vulnerability in storage media in
systems with ...)
NOT-FOR-US: Intel
CVE-2018-3618
@@ -137146,9 +137146,6 @@ CVE-2017-5754 (Systems with microprocessors utilizing
speculative execution and
NOTE: http://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html
NOTE: Paper: https://meltdownattack.com/meltdown.pdf
NOTE: https://01.org/security/advisories/intel-oss-10003
- - linux-grsec <removed>
- [jessie] - xen <ignored> (Too intrusive to backport)
- NOTE: https://xenbits.xen.org/xsa/advisory-254.html
CVE-2017-5753 (Systems with microprocessors utilizing speculative execution
and branc ...)
{DSA-4188-1 DSA-4187-1 DLA-1731-1 DLA-1423-1 DLA-1422-1}
- linux 4.15.11-1
@@ -137169,9 +137166,6 @@ CVE-2017-5753 (Systems with microprocessors utilizing
speculative execution and
NOTE:
https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html
NOTE: Paper: https://spectreattack.com/spectre.pdf
NOTE: https://01.org/security/advisories/intel-oss-10002
- - linux-grsec <removed>
- [jessie] - xen <ignored> (Too intrusive to backport)
- NOTE: https://xenbits.xen.org/xsa/advisory-254.html
CVE-2017-5752
RESERVED
CVE-2017-5751
@@ -137300,7 +137294,6 @@ CVE-2017-5715 (Systems with microprocessors utilizing
speculative execution and
- linux-grsec <removed>
- xen 4.11.1~pre+1.733450b39b-1
[jessie] - xen <ignored> (Too intrusive to backport)
- NOTE: https://xenbits.xen.org/xsa/advisory-254.html
CVE-2017-5714
RESERVED
CVE-2017-5713
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/cfc83a8703cb7ddfa9b0e9932c95b9eef806ad60...1545a1b88ce22e3f4ff28cd014eeb18beb29cd35
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/cfc83a8703cb7ddfa9b0e9932c95b9eef806ad60...1545a1b88ce22e3f4ff28cd014eeb18beb29cd35
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
