Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-5307 CVE-2016-3960 CVE-2016-3159 CVE-2016-3158 CVE-2016-2271 CVE-2016-2270 CVE-2016-1571 CVE-2016-1570 CVE-2015-8615 CVE-2015-8555 CVE-2015-8550 CVE-2015-8341 CVE-2015-8340 CVE-2015-8339 CVE-2015-8338 CVE-2015-8104 CVE-2015-7311 CVE-2015-6654

Source

Debian Bug report logs - #823620
Multiple security issues

Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>;

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Fri, 6 May 2016 18:03:02 UTC

Severity: grave

Tags: security

Fixed in versions xen/4.8.0~rc3-1, xen/4.8.0~rc5-1

Done: Ian Jackson <ian.jackson@eu.citrix.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>:
Bug#823620; Package src:xen. (Fri, 06 May 2016 18:03:06 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>. (Fri, 06 May 2016 18:03:06 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

Source: xen
Severity: grave
Tags: security

Multiple vulnerabilities are unfixed in xen:

CVE-2015-5307:
http://xenbits.xen.org/xsa/advisory-156.html

CVE-2016-3960
http://xenbits.xen.org/xsa/advisory-173.html

CVE-2016-3159 / CVE-2016-3158
http://xenbits.xen.org/xsa/advisory-172.html

CVE-2016-2271
http://xenbits.xen.org/xsa/advisory-170.html

CVE-2016-2270
http://xenbits.xen.org/xsa/advisory-154.html

CVE-2016-1571
http://xenbits.xen.org/xsa/advisory-168.html

CVE-2016-1570
http://xenbits.xen.org/xsa/advisory-167.html

CVE-2015-8615
http://xenbits.xen.org/xsa/advisory-169.html

CVE-2015-8555
http://xenbits.xen.org/xsa/advisory-165.html

CVE-2015-8550
http://xenbits.xen.org/xsa/advisory-155.html

CVE-2015-8341
http://xenbits.xen.org/xsa/advisory-160.html

CVE-2015-8340 / CVE-2015-8339
http://xenbits.xen.org/xsa/advisory-159.html

CVE-2015-8338
http://xenbits.xen.org/xsa/advisory-158.html

CVE-2015-8104
http://xenbits.xen.org/xsa/advisory-156.html
 
CVE-2015-7311
http://xenbits.xen.org/xsa/advisory-142.html

CVE-2015-6654
http://xenbits.xen.org/xsa/advisory-141.html

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>:
Bug#823620; Package src:xen. (Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).

Acknowledgement sent to Ian Jackson <ian.jackson@eu.citrix.com>:
Extra info received and forwarded to list. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>. (Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).

Message #10 received at 823620@bugs.debian.org (full text, mbox, reply):

Control: fixed -1 4.8.0~rc5-1

All these outstanding XSAs are included in the upstream Xen 4.8.0 RC5,
and thereby in the Debian package.

Ian.

Marked as fixed in versions xen/4.8.0~rc5-1. Request was from Ian Jackson <ian.jackson@eu.citrix.com> to 823620-submit@bugs.debian.org. (Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>:
Bug#823620; Package src:xen. (Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).

Acknowledgement sent to Ian Jackson <ian.jackson@eu.citrix.com>:
Extra info received and forwarded to list. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>. (Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).

Message #17 received at 823620@bugs.debian.org (full text, mbox, reply):

Control: fixed -1 4.8.0~rc3-1

Ian Jackson writes ("Bug#823620: Multiple security issues, now fixed"):
> Control: fixed -1 4.8.0~rc5-1
> 
> All these outstanding XSAs are included in the upstream Xen 4.8.0 RC5,
> and thereby in the Debian package.

Apparently that wasn't enough to mark this bug as closed.  Let's try
this.

Ian.

Marked as fixed in versions xen/4.8.0~rc3-1. Request was from Ian Jackson <ian.jackson@eu.citrix.com> to 823620-submit@bugs.debian.org. (Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).

Reply sent to Ian Jackson <ian.jackson@eu.citrix.com>:
You have taken responsibility. (Tue, 15 Nov 2016 15:30:03 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Tue, 15 Nov 2016 15:30:04 GMT) (full text, mbox, link).

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 29 Dec 2016 07:54:34 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:06:32 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Multiple security issues

Debian Bug report logs - #823620
Multiple security issues

Vulmon Search

About

Products

Connect

Multiple security issues

Debian Bug report logs - #823620 Multiple security issues

Vulmon Search

About

Products

Connect

Debian Bug report logs - #823620
Multiple security issues