Summary: | <app-emulation/xen-{4.10.1-r1,4.11.0}: multiple vulnerabilities (XSA-{264,265,266}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Vlad K. <vk-gentoo-bugs> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hydrapolic, xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/9217 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 655188 | ||
Bug Blocks: |
Description
Vlad K.
2018-06-27 21:53:34 UTC
Revising severity: no specific configuration required, and per XSA-266 the domU users may be able to modify assigned read-only SCSI disk images. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ef4e6575bdfb96b79db1469f37a5b9c3de2ab17 commit 2ef4e6575bdfb96b79db1469f37a5b9c3de2ab17 Author: Tomas Mozes <hydrapolic@gmail.com> AuthorDate: 2018-07-13 16:55:30 +0000 Commit: Mikle Kolyada <zlogene@gentoo.org> CommitDate: 2018-07-17 11:06:56 +0000 app-emulation/xen: bump to 4.11.0 Bug: https://bugs.gentoo.org/659442 Package-Manager: Portage-2.3.42, Repoman-2.3.9 app-emulation/xen-tools/Manifest | 2 +- app-emulation/xen/Manifest | 3 +- app-emulation/xen/xen-4.11.0.ebuild | 172 ++++++++++++++++++++++++++++++++++++ 3 files changed, 175 insertions(+), 2 deletions(-) Added to an existing GLSA. This issue was resolved and addressed in GLSA 201810-06 at https://security.gentoo.org/glsa/201810-06 by GLSA coordinator Thomas Deutschmann (whissi). |