Bug 686024 (XSA-297) - <app-emulation/xen-{4.11.1-r3, 4.12.0-r1}: multiple vulnerabilities (XSA-297)
Summary: <app-emulation/xen-{4.11.1-r3, 4.12.0-r1}: multiple vulnerabilities (XSA-297)
Status: RESOLVED FIXED
Alias: XSA-297
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://xenbits.xen.org/xsa/advisory-...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, ZombieLoad
Reported: 2019-05-15 12:24 UTC by GLSAMaker/CVETool Bot
Modified: 2020-03-25 20:47 UTC

See Also:
Package list:
Runtime testing required: ---


Description GLSAMaker/CVETool Bot gentoo-dev 2019-05-15 12:24:46 UTC
CVE-2018-12126 (https://nvd.nist.gov/vuln/detail/CVE-2018-12126):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.

CVE-2018-12127 (https://nvd.nist.gov/vuln/detail/CVE-2018-12127):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.

CVE-2018-12130 (https://nvd.nist.gov/vuln/detail/CVE-2018-12130):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.

CVE-2019-11091 (https://nvd.nist.gov/vuln/detail/CVE-2019-11091):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
Comment 1 Larry the Git Cow gentoo-dev 2019-05-17 08:48:50 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a97f3c1ad407c786faefa4b10000efd78711247

commit 7a97f3c1ad407c786faefa4b10000efd78711247
Author:     Tomas Mozes <hydrapolic@gmail.com>
AuthorDate: 2019-05-15 20:07:12 +0000
Commit:     Yixun Lan <dlan@gentoo.org>
CommitDate: 2019-05-17 08:48:39 +0000

    app-emulation/xen: add upstream patches
    
    Bug: https://bugs.gentoo.org/686024
    Closes: https://bugs.gentoo.org/685458
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

 app-emulation/xen/Manifest                                    | 1 +
 app-emulation/xen/{xen-4.12.0.ebuild => xen-4.12.0-r1.ebuild} | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)
Comment 2 Tomáš Mózes 2019-05-20 22:06:47 UTC
The fixes are included in 4.11/4.12 branches and I'd like to propose to stabilize 4.11 instead of 4.12. We will drop the almost EOL 4.10, 4.11 will be our stable branch and 4.12 our testing branch until 4.13 is out.

https://bugs.gentoo.org/683694
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2019-08-03 15:23:23 UTC
@maintainer, please drop 4.10* or let me know and I will.
Comment 4 Tomáš Mózes 2019-08-10 15:02:13 UTC
(In reply to Aaron Bauman from comment #3)
> @maintainer, please drop 4.10* or let me know and I will.

Feel free to drop 4.10.
Comment 5 Larry the Git Cow gentoo-dev 2019-10-24 03:07:26 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1466ee79d4c6f54a71447bb4b58a799bf2102fff

commit 1466ee79d4c6f54a71447bb4b58a799bf2102fff
Author:     Yixun Lan <dlan@gentoo.org>
AuthorDate: 2019-10-24 03:05:14 +0000
Commit:     Yixun Lan <dlan@gentoo.org>
CommitDate: 2019-10-24 03:06:47 +0000

    app-emulation/xen-pvgrub: drop old
    
    Bug: https://bugs.gentoo.org/686024
    Package-Manager: Portage-2.3.78, Repoman-2.3.17
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

 app-emulation/xen-pvgrub/Manifest                 |   2 -
 app-emulation/xen-pvgrub/xen-pvgrub-4.10.3.ebuild | 163 ----------------------
 app-emulation/xen-pvgrub/xen-pvgrub-4.11.1.ebuild | 163 ----------------------
 3 files changed, 328 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5945ba52919b01a1c3765de9b1970fcddd9e9e0a

commit 5945ba52919b01a1c3765de9b1970fcddd9e9e0a
Author:     Yixun Lan <dlan@gentoo.org>
AuthorDate: 2019-10-24 03:03:54 +0000
Commit:     Yixun Lan <dlan@gentoo.org>
CommitDate: 2019-10-24 03:06:44 +0000

    app-emulation/xen-tools: drop old
    
    Bug: https://bugs.gentoo.org/686024
    Package-Manager: Portage-2.3.78, Repoman-2.3.17
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

 app-emulation/xen-tools/Manifest                   |   9 -
 app-emulation/xen-tools/xen-tools-4.10.3-r2.ebuild | 468 --------------------
 app-emulation/xen-tools/xen-tools-4.11.1-r5.ebuild | 474 ---------------------
 3 files changed, 951 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1c2594ab54c007ac939bf83899b7e3ce5cc3653

commit e1c2594ab54c007ac939bf83899b7e3ce5cc3653
Author:     Yixun Lan <dlan@gentoo.org>
AuthorDate: 2019-10-24 02:52:40 +0000
Commit:     Yixun Lan <dlan@gentoo.org>
CommitDate: 2019-10-24 03:06:41 +0000

    app-emulation/xen: drop old
    
    Bug: https://bugs.gentoo.org/686024
    Package-Manager: Portage-2.3.78, Repoman-2.3.17
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

 app-emulation/xen/Manifest             |   4 -
 app-emulation/xen/xen-4.10.3-r1.ebuild | 171 --------------------------------
 app-emulation/xen/xen-4.11.1-r3.ebuild | 174 ---------------------------------
 3 files changed, 349 deletions(-)
Comment 6 Tomáš Mózes 2019-10-27 08:55:00 UTC
Tree clean.
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-25 20:40:28 UTC
Added to an existing GLSA.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2020-03-25 20:47:47 UTC
This issue was resolved and addressed in
 GLSA 202003-56 at https://security.gentoo.org/glsa/202003-56
by GLSA coordinator Thomas Deutschmann (whissi).