Debian Bug report logs -
#823620
Multiple security issues
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 6 May 2016 18:03:02 UTC
Severity: grave
Tags: security
Fixed in versions xen/4.8.0~rc3-1, xen/4.8.0~rc5-1
Done: Ian Jackson <ian.jackson@eu.citrix.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
:
Bug#823620
; Package src:xen
.
(Fri, 06 May 2016 18:03:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
.
(Fri, 06 May 2016 18:03:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: xen
Severity: grave
Tags: security
Multiple vulnerabilities are unfixed in xen:
CVE-2015-5307:
http://xenbits.xen.org/xsa/advisory-156.html
CVE-2016-3960
http://xenbits.xen.org/xsa/advisory-173.html
CVE-2016-3159 / CVE-2016-3158
http://xenbits.xen.org/xsa/advisory-172.html
CVE-2016-2271
http://xenbits.xen.org/xsa/advisory-170.html
CVE-2016-2270
http://xenbits.xen.org/xsa/advisory-154.html
CVE-2016-1571
http://xenbits.xen.org/xsa/advisory-168.html
CVE-2016-1570
http://xenbits.xen.org/xsa/advisory-167.html
CVE-2015-8615
http://xenbits.xen.org/xsa/advisory-169.html
CVE-2015-8555
http://xenbits.xen.org/xsa/advisory-165.html
CVE-2015-8550
http://xenbits.xen.org/xsa/advisory-155.html
CVE-2015-8341
http://xenbits.xen.org/xsa/advisory-160.html
CVE-2015-8340 / CVE-2015-8339
http://xenbits.xen.org/xsa/advisory-159.html
CVE-2015-8338
http://xenbits.xen.org/xsa/advisory-158.html
CVE-2015-8104
http://xenbits.xen.org/xsa/advisory-156.html
CVE-2015-7311
http://xenbits.xen.org/xsa/advisory-142.html
CVE-2015-6654
http://xenbits.xen.org/xsa/advisory-141.html
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
:
Bug#823620
; Package src:xen
.
(Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Ian Jackson <ian.jackson@eu.citrix.com>
:
Extra info received and forwarded to list. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
.
(Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).
Message #10 received at 823620@bugs.debian.org (full text, mbox, reply):
Control: fixed -1 4.8.0~rc5-1
All these outstanding XSAs are included in the upstream Xen 4.8.0 RC5,
and thereby in the Debian package.
Ian.
Marked as fixed in versions xen/4.8.0~rc5-1.
Request was from Ian Jackson <ian.jackson@eu.citrix.com>
to 823620-submit@bugs.debian.org
.
(Tue, 15 Nov 2016 14:21:03 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
:
Bug#823620
; Package src:xen
.
(Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Ian Jackson <ian.jackson@eu.citrix.com>
:
Extra info received and forwarded to list. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
.
(Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).
Message #17 received at 823620@bugs.debian.org (full text, mbox, reply):
Control: fixed -1 4.8.0~rc3-1
Ian Jackson writes ("Bug#823620: Multiple security issues, now fixed"):
> Control: fixed -1 4.8.0~rc5-1
>
> All these outstanding XSAs are included in the upstream Xen 4.8.0 RC5,
> and thereby in the Debian package.
Apparently that wasn't enough to mark this bug as closed. Let's try
this.
Ian.
Marked as fixed in versions xen/4.8.0~rc3-1.
Request was from Ian Jackson <ian.jackson@eu.citrix.com>
to 823620-submit@bugs.debian.org
.
(Tue, 15 Nov 2016 15:18:03 GMT) (full text, mbox, link).
Reply sent
to Ian Jackson <ian.jackson@eu.citrix.com>
:
You have taken responsibility.
(Tue, 15 Nov 2016 15:30:03 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Tue, 15 Nov 2016 15:30:04 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Thu, 29 Dec 2016 07:54:34 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:06:32 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.