similar to: CVE-2014-2653

https://bugzilla.mindrot.org/show_bug.cgi?id=2109 Bug ID: 2109 Summary: Add support for ssh-rsa-sha256 and ssh-dsa-sha256 public key algorithms Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: FreeBSD Status: NEW Severity: enhancement Priority: P5

Processing commands for control at bugs.debian.org: > retitle 770230 xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030 Bug #770230 [src:xen] CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 Changed Bug title to 'xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030' from 'CVE-2014-5146 CVE-2014-5149 CVE-2014-8594

Have you seen this? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513 --mancha

Package: xen Version: 4.0.1-5.11 Severity: important Tags: security, fixed-upstream Please see for details: http://www.openwall.com/lists/oss-security/2014/06/17/6 Patch: http://seclists.org/oss-sec/2014/q2/att-549/xsa100.patch --- Henri Salo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc:

Package: xen Severity: grave Tags: security Please see http://www.openwall.com/lists/oss-security/2012/07/26/4 Cheers, Moritz

Source: xen Version: 4.17.0+46-gaaf74a532c-1 Severity: grave Tags: security upstream X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org> Hi, The following vulnerabilities were published for xen. CVE-2022-42331[0]: | x86: speculative vulnerability in 32bit SYSCALL path Due to an | oversight in the very original Spectre/Meltdown security work | (XSA-254),

Package: xen Severity: important Tags: security Justification: user security hole Hi, This issue is still unfixed in Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625 Patch: http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe Cheers, Moritz

Source: xen Severity: important Tags: security Please see http://xenbits.xen.org/xsa/advisory-125.html http://xenbits.xen.org/xsa/advisory-126.html http://xenbits.xen.org/xsa/advisory-127.html Cheers, Moritz

> On December 3, 2016 at 9:11 PM "Jeremiah C. Foster" <jeremiah at jeremiahfoster.com> wrote: > > > On Sat, 2016-12-03 at 12:23 +1000, Noel Butler wrote: > > On 03/12/2016 12:08, Jeremiah C. Foster wrote: > > > > > On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi wrote: > > > On 02.12.2016 10:45, Jonas Wielicki wrote: On Freitag, 2.

Source: xen Version: 4.8.1~pre.2017.01.23-1 Severity: grave Tags: security upstream Justification: user security hole Hi, the following vulnerability was published for xen. CVE-2017-7228[0]: | An issue (known as XSA-212) was discovered in Xen, with fixes available | for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix | introduced an insufficient check on XENMEM_exchange input,

On Sat, 2016-12-03 at 21:25 +0200, Aki Tuomi wrote: > > On December 3, 2016 at 9:11 PM "Jeremiah C. Foster" <jeremiah at jerem > > iahfoster.com> wrote: > > > > On Sat, 2016-12-03 at 12:23 +1000, Noel Butler wrote: > > > On 03/12/2016 12:08, Jeremiah C. Foster wrote: > > > > > > > On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi

Package: xen-3 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3. CVE-2008-4405[0]: | xend in Xen 3.0.3 does not properly limit the contents of the | /local/domain xenstore directory tree, and does not properly restrict | a guest VM's write access within this tree, which allows guest OS | users to cause a denial of

Hello, our samba server runs in security = user mode. Now I need a share people can connect to, even if they are not in the domain. I tried this configuration [open] comment = Fuer Scripte die via Mcafee gestartet werden guest only = yes #security = share path = /san/san-lacie/abteilungen/allgemein/mcafee read only = no writable = no printable = no Browseable = No but it does not work.

Source: xen Severity: important Tags: security Hi, please see http://xenbits.xen.org/xsa/advisory-116.html for details and a patch. Cheers, Moritz

retitle 776319 xen: CVE-2015-0361 CVE-2015-1563 thanks On Mon, Jan 26, 2015 at 08:52:53PM +0100, Moritz Muehlenhoff wrote: > Source: xen > Severity: important > Tags: security > > Hi, > please see http://xenbits.xen.org/xsa/advisory-116.html > for details and a patch. Also http://xenbits.xen.org/xsa/advisory-118.html needs to be fixed in jessie. Cheers, Moritz

Source: xen-unstable Version: 3.0-unstable+hg11561-1 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2007-3919[0]: | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local | users to truncate arbitrary files via a symlink attack on | /tmp/xenq-shm. If you fix this vulnerability please also include

Source: xen Version: 4.4.1-9 Severity: normal Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for xen. CVE-2015-6654[0]: | The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, | 4.4.x, and earlier does not limit the number of printk console | messages when reporting a failure to retrieve a reference on a foreign | page, which allows

Package: xen-unstable Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2008-0928[0]: | Qemu 0.9.1 and earlier does not perform range checks for block device | read or write requests, which allows guest host users with root | privileges to access arbitrary memory and escape the virtual machine. If you fix

Package: xen Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4255 for a description and a link to the upstream report/patch. Cheers, Moritz

16.01.2013 18:50, Xen.org security team пишет: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Xen Security Advisory CVE-2012-6075 / XSA-41 > qemu (e1000 device driver): Buffer overflow when processing large packets > > SUMMARY AND SOURCES OF INFORMATION > ================================== > > An issue in qemu has been disclosed which we believe affects