From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2
Date: Thu, 05 Mar 2020 21:25:30 +0100 [thread overview]
Message-ID: <877dzya6rp.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20200119170358.5408-2-peter@korsgaard.com> (Peter Korsgaard's message of "Sun, 19 Jan 2020 18:03:57 +0100")
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> The 4.12.2 release brings a large number of fixes:
> https://xenproject.org/downloads/xen-project-archives/xen-project-4-12-series/xen-project-4-12-2/
> Including a number of security fixes:
> XSA-296: VCPUOP_initialise DoS (CVE-2019-18420)
> XSA-298: missing descriptor table limit checking in x86 PV emulation
> (CVE-2019-18425)
> XSA-299: Issues with restartable PV type change operations (CVE-2019-18421)
> XSA-301: add-to-physmap can be abused to DoS Arm hosts (CVE-2019-18423)
> XSA-302: passed through PCI devices may corrupt host memory after
> deassignment (CVE-2019-18424)
> XSA-303: ARM: Interrupts are unconditionally unmasked in exception handlers
> (CVE-2019-18422)
> XSA-304: x86: Machine Check Error on Page Size Change DoS (CVE-2018-12207)
> XSA-305: TSX Asynchronous Abort speculative side channel (CVE-2019-11135)
> XSA-306: Device quarantine for alternate pci assignment methods
> (CVE-2019-19579)
> XSA-307: find_next_bit() issues (CVE-2019-19581 CVE-2019-19582)
> XSA-308: VMX: VMentry failure with debug exceptions and blocked states
> (CVE-2019-19583)
> XSA-309: Linear pagetable use / entry miscounts (CVE-2019-19578)
> XSA-310: Further issues with restartable PV type change operations
> (CVE-2019-19580)
> XSA-311: Bugs in dynamic height handling for AMD IOMMU pagetables
> (CVE-2019-19577)
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2019.11.x, thanks.
For 2019.02.x I will instead bump to 4.11.3.
--
Bye, Peter Korsgaard
next prev parent reply other threads:[~2020-03-05 20:25 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-19 17:03 [Buildroot] [PATCH 1/3] package/xen: explicitly disable checkpolicy logic Peter Korsgaard
2020-01-19 17:03 ` [Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2 Peter Korsgaard
2020-01-20 0:26 ` Alistair Francis
2020-01-20 7:39 ` Peter Korsgaard
2020-03-05 20:25 ` Peter Korsgaard [this message]
2020-01-19 17:03 ` [Buildroot] [PATCH 3/3] package/xen: add upstream security fix for XSA-312 Peter Korsgaard
2020-01-20 0:28 ` Alistair Francis
2020-01-20 7:39 ` Peter Korsgaard
2020-03-05 20:25 ` Peter Korsgaard
2020-01-20 0:23 ` [Buildroot] [PATCH 1/3] package/xen: explicitly disable checkpolicy logic Alistair Francis
2020-01-20 7:39 ` Peter Korsgaard
2020-01-21 21:29 ` Arnout Vandecappelle
2020-01-21 21:45 ` Peter Korsgaard
2020-01-22 7:57 ` Arnout Vandecappelle
2020-03-05 20:21 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877dzya6rp.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.