Date: Tue, 29 Nov 2016 23:20:52 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 214936] emulators/xen {-tools/-kernel}: security advisories (XSA-185 - XSA-201)
Message-ID: <bug-214936-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214936 Bug ID: 214936 Summary: emulators/xen {-tools/-kernel}: security advisories (XSA-185 - XSA-201) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: royger@freebsd.org Reporter: junovitch@freebsd.org Assignee: royger@freebsd.org Flags: maintainer-feedback?(royger@freebsd.org) Roger, There was a handful of Xen advisories earlier last week and a few missed in September. Please advise on applicability for VuXML and take a look at what= we need to do to get our end users safeguared. Advisory Public release Updated Version CVE(s) Title XSA-201 2016-11-29 14:48 2016-11-29 14:48 1 none (yet) assigned ARM guests may induce host asynchronous abort XSA-200 2016-12-13 12:00 none (yet) assigned=20=20= =20=20 (Prereleased, but embargoed) XSA-199 2016-12-06 12:00 assigned, but embargoed (Prereleased, but embargoed) XSA-198 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 79 CVE-2016-9380 delimiter injection vulnerabilities in pygrub XSA-197 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 81=20=20 qemu incautious about shared ring processing XSA-196 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 77 CVE-2016-9378 x86 software interrupt injection mis-handled XSA-195 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 83=20=20 x86 64-bit bit test instruction emulation broken XSA-194 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 84=20=20 guest 32-bit ELF symbol table load leaking host data XSA-193 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 85=20=20 x86 segment base write emulation lacking canonical address checks XSA-192 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 82=20=20 x86 task switch to VM86 mode mis-handled XSA-191 2016-11-22 12:00 2016-11-22 12:00 3 CVE-2016-93= 86=20=20 x86 null segments not always treated as unusable XSA-190 2016-10-04 12:00 2016-10-04 12:50 5 CVE-2016-77= 77=20=20 CR0.TS and CR0.EM not always honored for x86 HVM guests XSA-189 2016-09-21 09:46 - - Unused Xen Security Advisory number XSA-188 2016-09-08 12:00 2016-09-08 12:00 3 CVE-2016-71= 54=20=20 use after free in FIFO event channel code XSA-187 2016-09-08 12:00 2016-09-08 12:04 3 CVE-2016-70= 94=20=20 x86 HVM: Overflow of sh_ctxt->seg_reg[] XSA-186 2016-09-08 12:00 2016-09-08 12:00 4 CVE-2016-70= 93=20=20 x86: Mishandling of instruction pointer truncation during emulation XSA-185 2016-09-08 12:00 2016-09-08 12:00 3 CVE-2016-70= 92=20=20 x86: Disallow L3 recursive pagetable for 32-bit PV guests --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-214936-13>