- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
on invalid state load CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient resource limiting in VNC websockets decoder CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch - bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on invalid state load CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient bits_per_pixel from the client sanitization CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch - bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer overun on invalid state CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch - bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer overflow in non-loopback mode CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch - bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch - bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=395
This commit is contained in:
Charles Arnold
committed by
Git OBS Bridge
Git OBS Bridge
parent
8292994238
commit
39134eb9d2
79
xen.changes
79
xen.changes
@@ -1,3 +1,82 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 20 08:21:42 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
|
||||
on invalid state load
|
||||
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 19 09:23:56 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
|
||||
resource limiting in VNC websockets decoder
|
||||
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
|
||||
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
|
||||
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
|
||||
invalid state load
|
||||
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
|
||||
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
|
||||
bits_per_pixel from the client sanitization
|
||||
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 18 09:04:10 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
|
||||
overun on invalid state
|
||||
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
|
||||
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
|
||||
overflow in non-loopback mode
|
||||
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
|
||||
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 13 09:56:52 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
|
||||
processing firmware configurations
|
||||
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
|
||||
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 11 11:51:45 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
|
||||
buffer overflow in megasas_ctrl_get_info
|
||||
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
|
||||
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
|
||||
use-after-free vulnerability in aio port commands
|
||||
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 7 10:38:20 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#959695 - missing docs for xen
|
||||
xen.spec
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 6 10:38:36 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
|
||||
INVLPG on non-canonical address (XSA-168)
|
||||
xsa168.patch
|
||||
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
|
||||
functionality missing sanity checks (XSA-167)
|
||||
xsa167.patch
|
||||
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
|
||||
l2 header validation leads to a crash via assert(2) call
|
||||
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 5 13:56:08 MST 2016 - carnold@suse.com
|
||||
|
||||
- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
|
||||
leads to a crash via assert(2) call
|
||||
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
|
||||
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
|
||||
in ioport r/w functions
|
||||
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 4 11:32:10 MST 2016 - carnold@suse.com
|
||||
|
||||
|
||||
Reference in New Issue
Block a user