similar to: Processed: retitle 770230 to xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030

On Wed, Nov 19, 2014 at 11:45:02PM +0100, Moritz Muehlenhoff wrote: > Source: xen > Severity: grave > Tags: security > > Hi, > the following security issues apply to Xen in jessie: > > CVE-2014-5146,CVE-2014-5149: > https://marc.info/?l=oss-security&m=140784877111813&w=2 > > CVE-2014-8594: >

Source: xen Severity: grave Tags: security Hi, the following security issues apply to Xen in jessie: CVE-2014-5146,CVE-2014-5149: https://marc.info/?l=oss-security&m=140784877111813&w=2 CVE-2014-8594: https://marc.info/?l=oss-security&m=141631359901060&w=2 CVE-2014-8595: https://marc.info/?l=oss-security&m=141631352601020&w=2 Cheers, Moritz

Processing commands for control at bugs.debian.org: > close 770230 4.5.1~rc1-1 Bug #770230 [src:xen] xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030 Marked as fixed in versions xen/4.5.1~rc1-1. Bug #770230 [src:xen] xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030 Marked Bug as done > thanks Stopping processing here. Please contact me if

Processing commands for control at bugs.debian.org: > severity 770230 important Bug #770230 [src:xen] xen: CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-9030 Severity set to 'important' from 'grave' > thanks Stopping processing here. Please contact me if you need assistance. -- 770230: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770230 Debian Bug

Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 27 Nov 2014 20:17:36 +0100 Source: xen Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf Architecture: source all amd64 Version: 4.4.1-4 Distribution:

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469662. > reassign -1 xen-3 Bug#469662: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `xen-3'. > retitle -1 xen-3: CVE-2008-0928 privilege escalation Bug#469662: xen-unstable:

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469666. > reassign -1 kvm Bug#469666: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `kvm'. > retitle -1 kvm: CVE-2008-0928 privilege escalation Bug#469666: xen-unstable:

retitle 776319 xen: CVE-2015-0361 CVE-2015-1563 thanks On Mon, Jan 26, 2015 at 08:52:53PM +0100, Moritz Muehlenhoff wrote: > Source: xen > Severity: important > Tags: security > > Hi, > please see http://xenbits.xen.org/xsa/advisory-116.html > for details and a patch. Also http://xenbits.xen.org/xsa/advisory-118.html needs to be fixed in jessie. Cheers, Moritz

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.10.11 > retitle 402249 please include the necessary headers for libvert Bug#402249: xen-3.0: please build libxen3.0 and libxen3.0-dev Changed Bug title to `please include the necessary headers for libvert' from `xen-3.0: please build libxen3.0 and libxen3.0-dev'.

Processing commands for control at bugs.debian.org: > severity 589661 normal Bug #589661 [src:xen] xen: Binary-only NMU will FTBFS Severity set to 'normal' from 'important' > retitle 589661 xen - fails with binary rebuilds Bug #589661 [src:xen] xen: Binary-only NMU will FTBFS Changed Bug title to 'xen - fails with binary rebuilds' from 'xen: Binary-only NMU will

Processing commands for control at bugs.debian.org: > retitle 655301 xend shouldn't start if TOOLSTACK is not xm Bug #655301 [xcp-xapi] xcp-xapi fails to start Changed Bug title to 'xend shouldn't start if TOOLSTACK is not xm' from 'xcp-xapi fails to start' > reassign 655301 xen-utils-common Bug #655301 [xcp-xapi] xend shouldn't start if TOOLSTACK is not xm Bug

Processing commands for control at bugs.debian.org: > retitle 674137 Please make bind port configurable Bug #674137 [xcp-xapi] xcp-xapi: default ports in xapi Changed Bug title to 'Please make bind port configurable' from 'xcp-xapi: default ports in xapi' > severity 674137 wishlist Bug #674137 [xcp-xapi] Please make bind port configurable Ignoring request to change severity

Processing commands for control at bugs.debian.org: > retitle 773561 /etc/init.d/xen fails when run in a nested L1 hypervisor dom0 (Xen on Xen) Bug #773561 [xen-utils-common] /etc/init.d/xen fails when run in a guest, causing postinst to fail. Changed Bug title to '/etc/init.d/xen fails when run in a nested L1 hypervisor dom0 (Xen on Xen)' from '/etc/init.d/xen fails when run in a

The following packages are updated for Xen4CentOS for CentOS 6: Source: 942bc436e401c798991ae4ca956082c12a5a3b65ec53cd7ec9901dda7704f9b7 e1000e-2.5.4-3.10.63.2.el6.centos.alt.src.rpm aa46f97636568c46295d2d99f1e33b5fda50df707a2a8321a516200b8b4e95a6 kernel-3.10.63-11.el6.centos.alt.src.rpm ea44d2658e096ef6f00f7dfd4fecc6bff977d959563e4929539d23643b134c3a libvirt-0.10.2.8-9.el6.centos.alt.src.rpm

Mapping stable-security to proposed-updates. Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 21 Jan 2015 13:50:48 +0200 Source: xen Binary: xen-docs-4.1 libxen-4.1 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.1 xen-hypervisor-4.1-amd64 xen-system-amd64 xen-hypervisor-4.1-i386 xen-system-i386 Architecture:

Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 21 Jan 2015 13:50:48 +0200 Source: xen Binary: xen-docs-4.1 libxen-4.1 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.1 xen-hypervisor-4.1-amd64 xen-system-amd64 xen-hypervisor-4.1-i386 xen-system-i386 Architecture: source all amd64 Version: 4.1.4-3+deb7u4

CentOS Errata and Security Advisory 2014:X010 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f5a30e6c7c17a391dfc218cce2c2ca52dba4bf61d6c2d664faecda673d72fdea xen-4.2.5-33.el6.centos.alt.x86_64.rpm

Processing commands for control at bugs.debian.org: > user debian-security at lists.debian.org Setting user to debian-security at lists.debian.org (was carnil at debian.org). > usertags 776319 + tracked There were no usertags set. Usertags are now: tracked. > tags 776319 + upstream fixed-upstream Bug #776319 [src:xen] CVE-2015-0361 Added tag(s) upstream and fixed-upstream. > retitle

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Earlier in the day today, we were made aware of a serious issue in openssl as shipped in CentOS-6.5 ( including updates issued since CentOS-6.5 was released ); This issue is addressed in detail at http://heartbleed.com/ Upstream have not released a patched version of openssl, although we are reliably informed that there is quite a bit of effort