Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4274-1] xen security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4274-1] xen security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4274-1] xen security update
  • Date: Thu, 16 Aug 2018 20:47:43 +0000
  • List-archive: https://lists.debian.org/msgid-search/20180816204743.ns6c5uorqahjmglo AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Thu, 16 Aug 2018 20:48:11 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <NEugUV5FUoL.A.GiF.LMedbB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4274-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2018-3620 CVE-2018-3646

This update provides mitigations for the "L1 Terminal Fault"
vulnerability affecting a range of Intel CPUs.

For additional information please refer to
https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates
mentioned there are not yet available in a form distributable by Debian.

In addition two denial of service vulnerabilities have been fixed
(XSA-268 and XSA-269).

For the stable distribution (stretch), these problems have been fixed in
version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt14mwACgkQEMKTtsN8
Tjb2LhAAokwmlGxyJPC3EGG9aOLKNv23G9OzLLNRm+cy150WAMgBio+bR2CAgkfX
qu/ftFPLeKfIRbo9nLBFHQLMKlmDdFzLeicXe7GtnKcAMkt0Wp+rYIj66TMkjrMg
2kJI68ECc5Rqj3fMZ+dgkxSHzhylUGG70mEIBf2D22Y72kkIfc3EzBuu2wxaaOTP
t7Q7JkYDv9WV/6gw8Ok2vIrQcq95jtZgDSL1ZHHg6VTukHnXP2SU1rMfRCguTCtc
5JYAgWJ1GWFWt3d6FQnk7SWwJf3pHEVNg0lGpRJdu4qperQ3EhQNeJlGq8adm/Zf
QQUT9T6vsU5cefgelIRSLxFZ9bDobxXXNaox3FqB4tslkJLhTRluCvilJpWuNpH5
7S6xti5neGuHORfIkcS1PmOEx2gDkKWTgotiBx04yU3q+/zr0Ob+K2jxZXe4z2uU
sqEq8pdjCnkE03cljPbfPeutyucS3xDFpFVoXlRqgRNMdZ7jzVSP6qayt3iQIa/E
djVQ2ptHxux5Zapg5Ngr2ASBdyIw+2GLVUKQCeqM+EjMXjRBaJv8DPxWwO4nkC4d
eliy9RxErtQpgHIZKHVmTjoRlh/OH4KAdHZT2Y+Gfv1DVA6TL5cPiQ9e0ZunNNaK
vtXyOzjNPVPZa+2MEq9FTFIkDsR8Ncl/JCzp0bx5uVaV/ovX0A8=
=reP+
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4274-1] xen security update, Moritz Muehlenhoff, 16.08.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang