subject:"\[Git\]\[security\-tracker\-team\/security\-tracker\]\[master\] xen DSA"

[Git][security-tracker-team/security-tracker][master] xen DSA

2023-03-24 Thread Moritz Muehlenhoff (@jmm)



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f2bcd41f by Moritz Mühlenhoff at 2023-03-24T20:26:20+01:00
xen DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/CVE/list
=
@@ -93432,7 +93432,6 @@ CVE-2022-23825 (Aliases in the branch predictor may 
cause some AMD processors to
NOTE: 
https://www.amd.com/system/files/documents/technical-guidance-for-mitigating-branch-type-confusion.pdf
 CVE-2022-23824 (IBPB may not prevent return branch predictions from being 
specified by ...)
- xen 4.16.2+90-g0d39a6d1ae-1
-   [bullseye] - xen  (Fix along in next DSA)
[buster] - xen  (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE: 
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040


=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[24 Mar 2023] DSA-5378-1 xen - security update
+   {CVE-2022-23824 CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 
CVE-2022-42334}
+   [bullseye] - xen 4.14.5+94-ge49571868d-1
 [23 Mar 2023] DSA-5377-1 chromium - security update
{CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 
CVE-2023-1533 CVE-2023-1534}
[bullseye] - chromium 111.0.5563.110-1~deb11u1


=
data/dsa-needed.txt
=
@@ -61,8 +61,6 @@ samba
 sofia-sip
   Maintainer proposed debdiff for review with additional question and sent a 
followup
 --
-xen
---
 xrdp
   needs some additional clarification, tentatively DSA worthy
   maybe upgrade to 0.9.21 within bullseye?



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2bcd41ffcdc985b2e40a8f57a5a000aa4ae3154

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2bcd41ffcdc985b2e40a8f57a5a000aa4ae3154
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2021-12-05 Thread Moritz Muehlenhoff (@jmm)



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c257023f by Moritz Mühlenhoff at 2021-12-05T12:32:32+01:00
xen DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[05 Dec 2021] DSA-5017-1 xen - security update
+   {CVE-2021-28704 CVE-2021-28705 CVE-2021-28706 CVE-2021-28707 
CVE-2021-28708 CVE-2021-28709}
+   [bullseye] - xen 4.14.3+32-g9de3671772-1~deb11u1
 [01 Dec 2021] DSA-5016-1 nss - security update
{CVE-2021-43527}
[buster] - nss 2:3.42.1-1+deb10u4


=
data/dsa-needed.txt
=
@@ -62,7 +62,3 @@ varnish
 --
 wireshark
 --
-xen
-  Maintainer proposed an update, but might be very well as well an option via 
point release
-  given the timeline and the kernel upgrade pending.
---



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c257023f5caefc043fabd67de9ec9a156c68f1c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c257023f5caefc043fabd67de9ec9a156c68f1c2
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2021-09-20 Thread Moritz Muehlenhoff (@jmm)



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
84abb234 by Moritz Mühlenhoff at 2021-09-20T21:00:51+02:00
xen DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[20 Sep 2021] DSA-4977-1 xen - security update
+   {CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697 
CVE-2021-28698 CVE-2021-28699 CVE-2021-28700 CVE-2021-28701}
+   [bullseye] - xen 4.14.3-1~deb11u1
 [20 Sep 2021] DSA-4976-1 wpewebkit - security update
{CVE-2021-30858}
[bullseye] - wpewebkit 2.32.4-1~deb11u1


=
data/dsa-needed.txt
=
@@ -51,5 +51,3 @@ varnish
 wordpress (seb)
   2021-09-13: Craig Small prepared an upload for bullseye
 --
-xen (jmm)
---



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84abb234ce66a318f812ea9affd925b1453123b6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84abb234ce66a318f812ea9affd925b1453123b6
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2021-06-15 Thread Moritz Muehlenhoff (@jmm)



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cbd560ad by Moritz Mühlenhoff at 2021-06-15T22:50:15+02:00
xen DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[15 Jun 2021] DSA-4931-1 xen - security update
+   {CVE-2021-0089 CVE-2021-26313 CVE-2021-28690 CVE-2021-28692}
+   [buster] - xen 4.11.4+107-gef32c7afa2-1
 [10 Jun 2021] DSA-4930-1 libwebp - security update
{CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25013 
CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 
CVE-2020-36332}
[buster] - libwebp 0.6.1-2+deb10u1


=
data/dsa-needed.txt
=
@@ -37,5 +37,3 @@ runc
 --
 salt
 --
-xen (jmm)
---



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbd560ad922817219b42cd574591dab88e62b4c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbd560ad922817219b42cd574591dab88e62b4c3
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2020-12-15 Thread Moritz Muehlenhoff



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b97c505b by Moritz Mühlenhoff at 2020-12-15T13:48:09+01:00
xen DSA

- - - - -


1 changed file:

- data/DSA/list


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[15 Dec 2020] DSA-4812-1 xen - security update
+   {CVE-2020-29479 CVE-2020-29480 CVE-2020-29481 CVE-2020-29482 
CVE-2020-29483 CVE-2020-29484 CVE-2020-29485 CVE-2020-29486 CVE-2020-29566 
CVE-2020-29570 CVE-2020-29571}
+   [buster] - xen 4.11.4+57-g41a822c392-2
 [15 Dec 2020] DSA-4811-1 libxstream-java - security update
{CVE-2020-26217}
[buster] - libxstream-java 1.4.11.1-1+deb10u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b97c505b90d413f78c7dcf198d508b6e770e00ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b97c505b90d413f78c7dcf198d508b6e770e00ec
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2020-10-02 Thread Moritz Muehlenhoff



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d35dcede by Moritz Muehlenhoff at 2020-10-02T19:13:24+02:00
xen DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[02 Oct 2020] DSA-4769-1 xen - security update
+   {CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 
CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604}
+   [buster] - xen 4.11.4+37-g3263f257ca-1
 [28 Sep 2020] DSA-4768-1 firefox-esr - security update
{CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678}
[buster] - firefox-esr 78.3.0esr-1~deb10u1


=
data/dsa-needed.txt
=
@@ -35,5 +35,3 @@ thunderbird (jmm)
 xcftools
   Hugo proposed to work on this update
 --
-xen (jmm)
---



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d35dcede6e3fa820be995448e894e5e55193cb56

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d35dcede6e3fa820be995448e894e5e55193cb56
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2020-01-13 Thread Moritz Muehlenhoff



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9df07e2a by Moritz Muehlenhoff at 2020-01-13T23:10:10+01:00
xen DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/CVE/list
=
@@ -40778,6 +40778,7 @@ CVE-2019-11135 (TSX Asynchronous Abort condition on 
some CPUs utilizing speculat
- linux 5.3.9-2
- intel-microcode 3.20191112.1
- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: 
https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
NOTE: https://xenbits.xen.org/xsa/advisory-305.html
NOTE: The 3.20191112.1 release for intel-microcode did contain most 
updates, additional
@@ -40873,6 +40874,7 @@ CVE-2019-11091 (Microarchitectural Data Sampling 
Uncacheable Memory (MDSUM): Unc
- intel-microcode 3.20190514.1
- linux 4.19.37-2
- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (Depends on fix for CVE-2017-5715, 
CVE-2017-5753, CVE-2017-5754)
NOTE: 
https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
NOTE: 
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
@@ -46124,37 +46126,46 @@ CVE-2019-17349 (An issue was discovered in Xen 
through 4.12.x allowing Arm domU
NOTE: https://xenbits.xen.org/xsa/advisory-295.html
 CVE-2019-17348 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (PCID support not backported)
NOTE: https://xenbits.xen.org/xsa/advisory-294.html
 CVE-2019-17347 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #92)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-293.html
 CVE-2019-17346 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (PCID support not backported)
NOTE: https://xenbits.xen.org/xsa/advisory-292.html
 CVE-2019-17345 (An issue was discovered in Xen 4.8.x through 4.11.x allowing 
x86 PV gu ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (only 4.8 and later affected)
NOTE: https://xenbits.xen.org/xsa/advisory-291.html
 CVE-2019-17344 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (Introduced by ignored fix for 
CVE-2018-3646)
NOTE: https://xenbits.xen.org/xsa/advisory-290.html
 CVE-2019-17343 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-288.html
 CVE-2019-17342 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #930001)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-287.html
 CVE-2019-17341 (An issue was discovered in Xen through 4.11.x allowing x86 PV 
guest OS ...)
{DLA-1949-1}
- xen 4.11.1+92-g6c33308a8d-1 (bug #929998)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: https://xenbits.xen.org/xsa/advisory-285.html
 CVE-2019-17340 (An issue was discovered in Xen through 4.11.x allowing x86 
guest OS us ...)
- xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
[jessie] - xen  (memory leak on huge memory machines)
NOTE: https://xenbits.xen.org/xsa/advisory-284.html
 CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows 
wp-admin/admi ...)
@@ -91629,6 +91640,7 @@ CVE-2018-12207 (Improper invalidation for page table 
updates by a virtual guest
- linux 5.3.9-2
[jessie] - linux  (Untrusted guests are no longer supportable)
- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
+   [stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
NOTE: 
https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0
NOTE:

[Git][security-tracker-team/security-tracker][master] xen DSA

2018-06-27 Thread Moritz Muehlenhoff

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d7569c9a by Moritz Muehlenhoff at 2018-06-27T23:17:30+02:00
xen DSA

- - - - -


1 changed file:

- data/DSA/list


Changes:

=
data/DSA/list
=
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,6 @@
+[27 Jun 2018] DSA-4236-1 xen - security update
+   {CVE-2018-12891 CVE-2018-12892 CVE-2018-12893}
+   [stretch] - xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
 [27 Jun 2018] DSA-4235-1 firefox-esr - security update
{CVE-2018-5156 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 
CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366}
[stretch] - firefox-esr 52.9.0esr-1~deb9u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d7569c9aea0195f76cc2e68956f7ca7ee5629901

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d7569c9aea0195f76cc2e68956f7ca7ee5629901
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2018-06-20 Thread Moritz Muehlenhoff

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
83300c9f by Moritz Muehlenhoff at 2018-06-20T08:57:50+02:00
xen DSA

- - - - -


1 changed file:

- data/DSA/list


Changes:

=
data/DSA/list
=
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,6 @@
+[20 Jun 2018] DSA-4232-1 xen - security update
+   {CVE-2018-3665}
+   [stretch] - xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8
 [17 Jun 2018] DSA-4231-1 libgcrypt20 - security update
{CVE-2018-0495}
[stretch] - libgcrypt20 1.7.6-2+deb9u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/83300c9f96ef7742ddbda7d55e49e4dc92445bfd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/83300c9f96ef7742ddbda7d55e49e4dc92445bfd
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

2018-05-15 Thread Moritz Muehlenhoff

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
24421d64 by Moritz Muehlenhoff at 2018-05-15T21:58:06+02:00
xen DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/DSA/list
=
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,6 @@
+[15 May 2018] DSA-4201-1 xen - security update
+   {CVE-2018-8897 CVE-2018-10471 CVE-2018-10472 CVE-2018-10981 
CVE-2018-10982}
+   [stretch] - xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6
 [14 May 2018] DSA-4200-1 kwallet-pam - security update
{CVE-2018-10380}
[stretch] - kwallet-pam 5.8.4-1+deb9u2


=
data/dsa-needed.txt
=
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -88,7 +88,5 @@ vlc (jmm)
 --
 wavpack (jmm)
 --
-xen
---
 zendframework/oldstable
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/24421d64f881ea3e0a2e2421f62d3aeff51b049e

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/24421d64f881ea3e0a2e2421f62d3aeff51b049e
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

[Git][security-tracker-team/security-tracker][master] xen DSA

10 matches

Site Navigation

Mail list logo

Footer information