Summary: | <app-emulation/xen-4.2.1: Multiple vulnerabilities (CVE-2012-{3494,3495,3496,3497,3498,3515,4411,4535,4536,4537,4538,4539,6030,6031,6032,6033,6034,6035,6036}) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | major | CC: | xen | ||||
Priority: | Normal | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | B1 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
GLSAMaker/CVETool Bot
2012-11-29 20:57:34 UTC
Created attachment 378664 [details]
XSA-15 commit log
Quote:
Fixed in upstream patches: CVE-2012-{3494,3495,3496,3498,3515,4411,4535,4536,4537,4538,4539}
for those already fixed (has patches) in upstream, I've surely they already included in our ebuilds,
current in tree version:
xen-4.2.4-r2 xen-4.3.2-r2 xen-4.4.0-r3
xen-tools-4.2.4-r2 xen-tools-4.3.2-r2 xen-tools-4.4.0-r5
Quote:
Not yet fixed upstream: CVE-2012-{3497,6030,6031,6032,6033,6034,6035,6036}
this is XSA-15, and already fixed in >=xen-4.2.1, see attached commit log for detail info.
Added to existing GLSA. This issue was resolved and addressed in GLSA 201604-03 at https://security.gentoo.org/glsa/201604-03 by GLSA coordinator Yury German (BlueKnight). |