[libvirt] [security-notice PATCH 0/9] various improvements to script for finding broken/fixed branches/tags
7:51 p.m.
This series provides for much greater automation when publishing
details of security flaws. It is now possible to just provide the broken
and fixed commit hash on the master branch. All the tag info and details
of branches are now filled in automatically.
Daniel P. Berrangé (9):
scripts: change data structures used to track branches & tags
scripts: report vulnerable branches which don't have any tags too
scripts: add ability to handle a fixed commit hash
scripts: change to update notice files inplace
scripts: allow for notices to have multiple commit hashes
scripts: optimize tag to branch mapping
scripts: add detection of cherry-picks in branches
scripts: fuzzy matching on subject to identify unannotated cherry
picks
notices: re-generate all branch/tag info
notices/2008/0001.xml | 6 -
notices/2009/0001.xml | 2 +
notices/2010/0001.xml | 3 -
notices/2010/0002.xml | 3 -
notices/2010/0004.xml | 2 +-
notices/2011/0001.xml | 10 +-
notices/2011/0002.xml | 4 +
notices/2012/0001.xml | 14 +-
notices/2012/0002.xml | 2 +-
notices/2012/0003.xml | 4 +
notices/2013/0001.xml | 8 +
notices/2013/0002.xml | 8 +
notices/2013/0003.xml | 21 ++
notices/2013/0005.xml | 2 +-
notices/2013/0006.xml | 1 +
notices/2013/0007.xml | 2 +-
notices/2013/0010.xml | 16 +-
notices/2013/0012.xml | 28 ++-
notices/2013/0015.xml | 2 +-
notices/2013/0016.xml | 22 ++-
notices/2013/0018.xml | 102 +++++-----
notices/2013/0020.xml | 68 ++++---
notices/2013/0021.xml | 2 +-
notices/2014/0001.xml | 8 +
notices/2014/0003.xml | 107 ++++++++--
notices/2014/0004.xml | 25 ++-
notices/2014/0005.xml | 21 +-
notices/2014/0006.xml | 22 ++-
notices/2014/0007.xml | 18 +-
notices/2014/0008.xml | 6 +-
notices/2014/0009.xml | 5 +-
notices/2014/0010.xml | 8 +-
notices/2015/0001.xml | 10 +-
notices/2015/0002.xml | 6 +-
notices/2015/0003.xml | 14 +-
notices/2015/0004.xml | 13 +-
notices/2016/0001.xml | 4 +-
notices/2016/0002.xml | 1 +
notices/2017/0001.xml | 4 +-
notices/2017/0002.xml | 6 +-
notices/2018/0001.xml | 159 ++++++++++++++-
notices/2018/0002.xml | 158 ++++++++++++++-
notices/2018/0003.xml | 161 ++++++++++++++-
notices/2018/0004.xml | 159 ++++++++++++++-
notices/2018/0005.xml | 162 ++++++++++++++-
notices/2019/0001.xml | 2 +-
notices/2019/0002.xml | 2 +-
scripts/report-vulnerable-tags.pl | 319 ++++++++++++++++++++++++++----
48 files changed, 1507 insertions(+), 225 deletions(-)
--
2.21.0
7:51 p.m.
New subject: [libvirt] [security-notice PATCH 1/9] scripts: change data structures used to track branches & tags
We need to track more info against each branch, so use a more
advanced data structure.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 53 ++++++++++++++++++++++---------
1 file changed, 38 insertions(+), 15 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 0b6ea6f..14d31c0 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -11,6 +11,15 @@ if (int(@ARGV) != 1) {
my $changeset = shift @ARGV;
+# branch name to hash with keys
+# - brokenchanges -> list of commit ids
+# - brokentags -> hash of tag names to '1'
+my %branches;
+
+# tag name to '0' (fixed) or '1' (broken)
+my %tags;
+
+
sub get_tags {
my @args = @_;
@@ -53,17 +62,31 @@ sub get_branch {
return @branches;
}
-my @branches;
-my %tags;
-my %branches;
+sub add_branch {
+ my $name = shift @_;
+
+ return if exists $branches{$name};
+
+ $branches{$name} = {
+ "brokenchanges" => [$changeset],
+ "brokentags" => {},
+ };
+}
+
+sub add_broken_tag {
+ my $branch = shift @_;
+ my $tag = shift @_;
+
+ $tags{$tag} = 1;
+ $branches{$branch}->{"brokentags"}->{$tag} = 1;
+}
+
+add_branch("master");
-$branches{"master"} = [];
# Most tags live on master so lets get them first
for my $tag (get_tags("--contains", $changeset, "--merged",
"master")) {
- push @{$branches{"master"}}, $tag;
- $tags{$tag} = 1;
+ add_broken_tag("master", $tag);
}
-push @branches, "master";
# Now we need slower work to find branches for
# few remaining tags
@@ -84,22 +107,22 @@ for my $tag (get_tags("--contains", $changeset)) {
if (int(@tagbranches) > 1) {
print "Tag $tag appears in multiple branches\n";
}
+ my $branch = $tagbranches[0];
- unless (exists($branches{$tagbranches[0]})) {
- $branches{$tagbranches[0]} = [];
- push @branches, $tagbranches[0];
- }
- push @{$branches{$tagbranches[0]}}, $tag;
+ add_branch($branch);
+ add_broken_tag($branch, $tag);
}
-foreach my $branch (sort versioncmp @branches) {
+foreach my $branch (sort versioncmp keys %branches) {
print " <branch>\n";
print " <name>$branch</name>\n";
- foreach my $tag (sort versioncmp @{$branches{$branch}}) {
+ foreach my $tag (sort versioncmp keys
%{$branches{$branch}->{"brokentags"}}) {
print " <tag
state=\"vulnerable\">$tag</tag>\n";
}
- print " <change
state=\"vulnerable\">$changeset</change>\n";
+ foreach my $commit (@{$branches{$branch}->{"brokenchanges"}}) {
+ print " <change
state=\"vulnerable\">$commit</change>\n";
+ }
if ($branch eq "master") {
print " <change state=\"fixed\"></change>\n";
--
2.21.0
6:46 p.m.
New subject: [libvirt] [security-notice PATCH 1/9] scripts: change data structures used to track branches & tags
On Mon, May 13, 2019 at 12:51:58PM +0100, Daniel P. Berrangé wrote:
We need to track more info against each branch, so use a more
advanced data structure.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 53 ++++++++++++++++++++++---------
1 file changed, 38 insertions(+), 15 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 0b6ea6f..14d31c0 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
[...]
}
-foreach my $branch (sort versioncmp @branches) {
+foreach my $branch (sort versioncmp keys %branches) {
print " <branch>\n";
print " <name>$branch</name>\n";
- foreach my $tag (sort versioncmp @{$branches{$branch}}) {
+ foreach my $tag (sort versioncmp keys
%{$branches{$branch}->{"brokentags"}}) {
print " <tag
state=\"vulnerable\">$tag</tag>\n";
}
- print " <change
state=\"vulnerable\">$changeset</change>\n";
+ foreach my $commit (@{$branches{$branch}->{"brokenchanges"}}) {
+ print " <change
state=\"vulnerable\">$commit</change>\n";
^ TAB
+ }
if ($branch eq "master") {
print " <change state=\"fixed\"></change>\n";
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:51 p.m.
New subject: [libvirt] [security-notice PATCH 2/9] scripts: report vulnerable branches which don't have any tags too
Currently we only report branches which have some tags on them which
means we only pick up branches which have had stable releases. We must
also report vulnerable status against other branches which exist but
have not yet had releases.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 14d31c0..8a6c2e4 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -42,7 +42,7 @@ sub get_tags {
return @tags;
}
-sub get_branch {
+sub get_branches {
my $tag = shift;
my @branches;
@@ -94,7 +94,7 @@ for my $tag (get_tags("--contains", $changeset)) {
next if exists $tags{$tag};
- my @tagbranches = get_branch($tag);
+ my @tagbranches = get_branches($tag);
if (int(@tagbranches) == 0) {
if ($tag eq "v2.1.0") {
@tagbranches = ("master")
@@ -113,6 +113,9 @@ for my $tag (get_tags("--contains", $changeset)) {
add_broken_tag($branch, $tag);
}
+for my $branch (get_branches($broken)) {
+ add_branch($branch);
+}
foreach my $branch (sort versioncmp keys %branches) {
print " <branch>\n";
@@ -125,7 +128,7 @@ foreach my $branch (sort versioncmp keys %branches) {
}
if ($branch eq "master") {
- print " <change state=\"fixed\"></change>\n";
+ print " <change
state=\"fixed\">$fixed</change>\n";
}
print " </branch>\n";
}
--
2.21.0
7:03 p.m.
New subject: [libvirt] [security-notice PATCH 2/9] scripts: report vulnerable branches which don't have any tags too
On Mon, May 13, 2019 at 12:51:59PM +0100, Daniel P. Berrangé wrote:
Currently we only report branches which have some tags on them which
means we only pick up branches which have had stable releases. We must
also report vulnerable status against other branches which exist but
have not yet had releases.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 3/9] scripts: add ability to handle a fixed commit hash
Currently when given a broken commit hash we assume everything newer
than this is broken. If we are retroactively recording info on a flaw that
is already fixed in git though, we might know a fixed commit hash. Use
this info to know when to stop reporting broken tags and branches.
Note this only works for branches containing the original primary fixed
commit. This does not try to identify cherry-picks to branches.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 74 +++++++++++++++++++++++++++----
1 file changed, 66 insertions(+), 8 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 8a6c2e4..431a7bf 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -5,15 +5,18 @@ use warnings;
use Sort::Versions;
-if (int(@ARGV) != 1) {
- die "syntax: $0 CHANGESET\n";
+if (int(@ARGV) != 1 && int(@ARGV) != 2) {
+ die "syntax: $0 BROKEN-CHANGESET [FIXED-CHANGESET]\n";
}
-my $changeset = shift @ARGV;
+my $broken = shift @ARGV;
+my $fixed = shift @ARGV;
# branch name to hash with keys
# - brokenchanges -> list of commit ids
# - brokentags -> hash of tag names to '1'
+# - fixedchanges -> list of commit ids
+# - fixedtags -> hash of tag names to '1'
my %branches;
# tag name to '0' (fixed) or '1' (broken)
@@ -68,11 +71,22 @@ sub add_branch {
return if exists $branches{$name};
$branches{$name} = {
- "brokenchanges" => [$changeset],
+ "brokenchanges" => [$broken],
"brokentags" => {},
+ "fixedchanges" => [],
+ "fixedtags" => {},
};
}
+sub delete_branch {
+ my $name = shift @_;
+
+ if (int(keys %{$branches{$name}->{"brokentags"}})) {
+ print "Branch $name shouldn't have broken tags\n";
+ }
+ delete $branches{$name};
+}
+
sub add_broken_tag {
my $branch = shift @_;
my $tag = shift @_;
@@ -81,16 +95,51 @@ sub add_broken_tag {
$branches{$branch}->{"brokentags"}->{$tag} = 1;
}
+sub add_fixed_tag {
+ my $branch = shift @_;
+ my $tag = shift @_;
+
+ $tags{$tag} = 0;
+ $branches{$branch}->{"fixedtags"}->{$tag} = 1;
+}
+
+sub add_fixed_commit {
+ my $branch = shift @_;
+ my $commit = shift @_;
+
+ push @{$branches{$branch}->{"fixedchanges"}}, $commit;
+}
+
add_branch("master");
+if (defined $fixed) {
+ # Mark any tags containing the fix as known so they
+ # get excluded when later finding vulnerable tags
+ for my $tag (get_tags("--contains", $fixed)) {
+ $tags{$tag} = 0;
+ }
+
+
+ # Record the first tag in master which has the fix, if any
+ my @fixedtags = sort versioncmp get_tags("--contains", $fixed,
"--merged", "master");
+ if (int(@fixedtags)) {
+ add_fixed_tag("master", $fixedtags[0]);
+ }
+
+ add_fixed_commit("master", $fixed);
+}
+
# Most tags live on master so lets get them first
-for my $tag (get_tags("--contains", $changeset, "--merged",
"master")) {
+for my $tag (get_tags("--contains", $broken, "--merged",
"master")) {
+
+ next if exists $tags{$tag};
+
add_broken_tag("master", $tag);
}
# Now we need slower work to find branches for
# few remaining tags
-for my $tag (get_tags("--contains", $changeset)) {
+for my $tag (get_tags("--contains", $broken)) {
next if exists $tags{$tag};
@@ -117,6 +166,12 @@ for my $branch (get_branches($broken)) {
add_branch($branch);
}
+if (defined $fixed) {
+ for my $branch (get_branches($fixed)) {
+ delete_branch($branch);
+ }
+}
+
foreach my $branch (sort versioncmp keys %branches) {
print " <branch>\n";
print " <name>$branch</name>\n";
@@ -127,8 +182,11 @@ foreach my $branch (sort versioncmp keys %branches) {
print " <change
state=\"vulnerable\">$commit</change>\n";
}
- if ($branch eq "master") {
- print " <change
state=\"fixed\">$fixed</change>\n";
+ foreach my $tag (sort versioncmp keys
%{$branches{$branch}->{"fixedtags"}}) {
+ print " <tag state=\"fixed\">$tag</tag>\n";
+ }
+ foreach my $commit (@{$branches{$branch}->{"fixedchanges"}}) {
+ print " <change
state=\"fixed\">$commit</change>\n";
}
print " </branch>\n";
}
--
2.21.0
7:04 p.m.
New subject: [libvirt] [security-notice PATCH 3/9] scripts: add ability to handle a fixed commit hash
On Mon, May 13, 2019 at 12:52:00PM +0100, Daniel P. Berrangé wrote:
Currently when given a broken commit hash we assume everything newer
than this is broken. If we are retroactively recording info on a flaw that
is already fixed in git though, we might know a fixed commit hash. Use
this info to know when to stop reporting broken tags and branches.
Note this only works for branches containing the original primary fixed
commit. This does not try to identify cherry-picks to branches.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 74 +++++++++++++++++++++++++++----
1 file changed, 66 insertions(+), 8 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 8a6c2e4..431a7bf 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -5,15 +5,18 @@ use warnings;
use Sort::Versions;
-if (int(@ARGV) != 1) {
- die "syntax: $0 CHANGESET\n";
+if (int(@ARGV) != 1 && int(@ARGV) != 2) {
+ die "syntax: $0 BROKEN-CHANGESET [FIXED-CHANGESET]\n";
}
-my $changeset = shift @ARGV;
+my $broken = shift @ARGV;
+my $fixed = shift @ARGV;
# branch name to hash with keys
# - brokenchanges -> list of commit ids
# - brokentags -> hash of tag names to '1'
+# - fixedchanges -> list of commit ids
+# - fixedtags -> hash of tag names to '1'
my %branches;
# tag name to '0' (fixed) or '1' (broken)
@@ -68,11 +71,22 @@ sub add_branch {
return if exists $branches{$name};
$branches{$name} = {
- "brokenchanges" => [$changeset],
+ "brokenchanges" => [$broken],
"brokentags" => {},
+ "fixedchanges" => [],
+ "fixedtags" => {},
};
}
+sub delete_branch {
+ my $name = shift @_;
+
+ if (int(keys %{$branches{$name}->{"brokentags"}})) {
+ print "Branch $name shouldn't have broken tags\n";
^ TAB
+ }
+ delete $branches{$name};
+}
+
sub add_broken_tag {
my $branch = shift @_;
my $tag = shift @_;
@@ -81,16 +95,51 @@ sub add_broken_tag {
$branches{$branch}->{"brokentags"}->{$tag} = 1;
}
+sub add_fixed_tag {
+ my $branch = shift @_;
+ my $tag = shift @_;
+
+ $tags{$tag} = 0;
+ $branches{$branch}->{"fixedtags"}->{$tag} = 1;
+}
+
+sub add_fixed_commit {
+ my $branch = shift @_;
+ my $commit = shift @_;
+
+ push @{$branches{$branch}->{"fixedchanges"}}, $commit;
+}
+
add_branch("master");
+if (defined $fixed) {
+ # Mark any tags containing the fix as known so they
+ # get excluded when later finding vulnerable tags
+ for my $tag (get_tags("--contains", $fixed)) {
+ $tags{$tag} = 0;
^ indentation
+ }
+
+
+ # Record the first tag in master which has the fix, if any
+ my @fixedtags = sort versioncmp get_tags("--contains", $fixed,
"--merged", "master");
+ if (int(@fixedtags)) {
+ add_fixed_tag("master", $fixedtags[0]);
^ TAB
+ }
+
+ add_fixed_commit("master", $fixed);
+}
+
# Most tags live on master so lets get them first
-for my $tag (get_tags("--contains", $changeset, "--merged",
"master")) {
+for my $tag (get_tags("--contains", $broken, "--merged",
"master")) {
+
+ next if exists $tags{$tag};
+
add_broken_tag("master", $tag);
}
# Now we need slower work to find branches for
# few remaining tags
-for my $tag (get_tags("--contains", $changeset)) {
+for my $tag (get_tags("--contains", $broken)) {
next if exists $tags{$tag};
@@ -117,6 +166,12 @@ for my $branch (get_branches($broken)) {
add_branch($branch);
}
+if (defined $fixed) {
+ for my $branch (get_branches($fixed)) {
+ delete_branch($branch);
^ TAB
+ }
+}
+
foreach my $branch (sort versioncmp keys %branches) {
print " <branch>\n";
print " <name>$branch</name>\n";
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 4/9] scripts: change to update notice files inplace
Instead of printing out a snippet which then has to be cut and pasted
into the notice file, directly read the template notice file and
update it in place with new branch/tag info.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 66 ++++++++++++++++++++++++-------
1 file changed, 52 insertions(+), 14 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 431a7bf..3a94721 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -5,12 +5,37 @@ use warnings;
use Sort::Versions;
-if (int(@ARGV) != 1 && int(@ARGV) != 2) {
- die "syntax: $0 BROKEN-CHANGESET [FIXED-CHANGESET]\n";
+if (int(@ARGV) != 1) {
+ die "syntax: $0 NOTICE.XML\n";
}
-my $broken = shift @ARGV;
-my $fixed = shift @ARGV;
+my $broken;
+my $fixed;
+my $notice = shift @ARGV;
+my @notice;
+
+open NOTICE, $notice or die "cannot read $notice: $!";
+my $master;
+my $discard;
+for my $line (<NOTICE>) {
+ push @notice, $line unless $discard;
+ if ($line =~ m,<repository>,) {
+ $discard = 1;
+ } elsif ($line =~ m,<name>master</name>,) {
+ $master = 1;
+ } elsif ($line =~ m,</branch>,) {
+ $master = 0;
+ } elsif ($master) {
+ if ($line =~ m,<change
state="(vulnerable|fixed)">([a-zA-Z0-9]+)</change>,) {
+ if ($1 eq "vulnerable") {
+ $broken = $2;
+ } else {
+ $fixed = $2;
+ }
+ }
+ }
+}
+close NOTICE;
# branch name to hash with keys
# - brokenchanges -> list of commit ids
@@ -154,7 +179,7 @@ for my $tag (get_tags("--contains", $broken)) {
}
if (int(@tagbranches) > 1) {
- print "Tag $tag appears in multiple branches\n";
+ print "Tag $tag appears in multiple branches\n";
}
my $branch = $tagbranches[0];
@@ -172,21 +197,34 @@ if (defined $fixed) {
}
}
+open NOTICE, ">$notice.tmp" or die "cannot create $notice.tmp:
$!";
+foreach my $line (@notice) {
+ print NOTICE $line;
+}
+
foreach my $branch (sort versioncmp keys %branches) {
- print " <branch>\n";
- print " <name>$branch</name>\n";
+ print NOTICE " <branch>\n";
+ print NOTICE " <name>$branch</name>\n";
+
foreach my $tag (sort versioncmp keys
%{$branches{$branch}->{"brokentags"}}) {
- print " <tag
state=\"vulnerable\">$tag</tag>\n";
+ print NOTICE " <tag
state=\"vulnerable\">$tag</tag>\n";
}
- foreach my $commit (@{$branches{$branch}->{"brokenchanges"}}) {
- print " <change
state=\"vulnerable\">$commit</change>\n";
+ foreach my $change (@{$branches{$branch}->{"brokenchanges"}}) {
+ print NOTICE " <change
state=\"vulnerable\">$change</change>\n";
}
foreach my $tag (sort versioncmp keys
%{$branches{$branch}->{"fixedtags"}}) {
- print " <tag state=\"fixed\">$tag</tag>\n";
+ print NOTICE " <tag
state=\"fixed\">$tag</tag>\n";
}
- foreach my $commit (@{$branches{$branch}->{"fixedchanges"}}) {
- print " <change
state=\"fixed\">$commit</change>\n";
+ foreach my $change (@{$branches{$branch}->{"fixedchanges"}}) {
+ print NOTICE " <change
state=\"fixed\">$change</change>\n";
}
- print " </branch>\n";
+ print NOTICE " </branch>\n";
}
+
+print NOTICE " </product>\n";
+print NOTICE "\n";
+print NOTICE "</security-notice>\n";
+close NOTICE;
+
+rename "$notice.tmp", "$notice" or die "cannot replace $notice:
$!";
--
2.21.0
7:06 p.m.
New subject: [libvirt] [security-notice PATCH 4/9] scripts: change to update notice files inplace
On Mon, May 13, 2019 at 12:52:01PM +0100, Daniel P. Berrangé wrote:
Instead of printing out a snippet which then has to be cut and pasted
into the notice file, directly read the template notice file and
update it in place with new branch/tag info.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 66 ++++++++++++++++++++++++-------
1 file changed, 52 insertions(+), 14 deletions(-)
Lots of new TABs in this patch,
diff --git a/scripts/report-vulnerable-tags.pl
b/scripts/report-vulnerable-tags.pl
index 431a7bf..3a94721 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -5,12 +5,37 @@ use warnings;
use Sort::Versions;
-if (int(@ARGV) != 1 && int(@ARGV) != 2) {
- die "syntax: $0 BROKEN-CHANGESET [FIXED-CHANGESET]\n";
+if (int(@ARGV) != 1) {
+ die "syntax: $0 NOTICE.XML\n";
}
-my $broken = shift @ARGV;
-my $fixed = shift @ARGV;
+my $broken;
+my $fixed;
+my $notice = shift @ARGV;
+my @notice;
+
+open NOTICE, $notice or die "cannot read $notice: $!";
+my $master;
+my $discard;
+for my $line (<NOTICE>) {
+ push @notice, $line unless $discard;
+ if ($line =~ m,<repository>,) {
+ $discard = 1;
+ } elsif ($line =~ m,<name>master</name>,) {
+ $master = 1;
+ } elsif ($line =~ m,</branch>,) {
+ $master = 0;
+ } elsif ($master) {
+ if ($line =~ m,<change
state="(vulnerable|fixed)">([a-zA-Z0-9]+)</change>,) {
+ if ($1 eq "vulnerable") {
+ $broken = $2;
+ } else {
+ $fixed = $2;
+ }
+ }
+ }
+}
+close NOTICE;
# branch name to hash with keys
# - brokenchanges -> list of commit ids
@@ -154,7 +179,7 @@ for my $tag (get_tags("--contains", $broken)) {
}
if (int(@tagbranches) > 1) {
- print "Tag $tag appears in multiple branches\n";
+ print "Tag $tag appears in multiple branches\n";
Here the TAB is the only change.
}
my $branch = $tagbranches[0];
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 5/9] scripts: allow for notices to have multiple commit hashes
Sometimes a bug may be introduced across multiple commits, or fixed
across multiple commits. We must thus honour the full list of commits.
There might not even be a broken commit listed yet.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 73 ++++++++++++++++++-------------
1 file changed, 43 insertions(+), 30 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 3a94721..59859b1 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -9,7 +9,9 @@ if (int(@ARGV) != 1) {
die "syntax: $0 NOTICE.XML\n";
}
+my @broken;
my $broken;
+my @fixed;
my $fixed;
my $notice = shift @ARGV;
my @notice;
@@ -28,15 +30,22 @@ for my $line (<NOTICE>) {
} elsif ($master) {
if ($line =~ m,<change
state="(vulnerable|fixed)">([a-zA-Z0-9]+)</change>,) {
if ($1 eq "vulnerable") {
- $broken = $2;
+ push @broken, $2;
} else {
- $fixed = $2;
+ push @fixed, $2;
}
}
}
}
close NOTICE;
+if (int(@broken)) {
+ $broken = $broken[0];
+}
+if (int(@fixed)) {
+ $fixed = $fixed[$#fixed];
+}
+
# branch name to hash with keys
# - brokenchanges -> list of commit ids
# - brokentags -> hash of tag names to '1'
@@ -96,7 +105,7 @@ sub add_branch {
return if exists $branches{$name};
$branches{$name} = {
- "brokenchanges" => [$broken],
+ "brokenchanges" => [@broken],
"brokentags" => {},
"fixedchanges" => [],
"fixedtags" => {},
@@ -151,44 +160,48 @@ if (defined $fixed) {
add_fixed_tag("master", $fixedtags[0]);
}
- add_fixed_commit("master", $fixed);
+ for my $commit (@fixed) {
+ add_fixed_commit("master", $commit);
+ }
}
-# Most tags live on master so lets get them first
-for my $tag (get_tags("--contains", $broken, "--merged",
"master")) {
+if (defined $broken) {
+ # Most tags live on master so lets get them first
+ for my $tag (get_tags("--contains", $broken, "--merged",
"master")) {
- next if exists $tags{$tag};
+ next if exists $tags{$tag};
- add_broken_tag("master", $tag);
-}
+ add_broken_tag("master", $tag);
+ }
+
+ # Now we need slower work to find branches for
+ # few remaining tags
+ for my $tag (get_tags("--contains", $broken)) {
-# Now we need slower work to find branches for
-# few remaining tags
-for my $tag (get_tags("--contains", $broken)) {
+ next if exists $tags{$tag};
- next if exists $tags{$tag};
+ my @tagbranches = get_branches($tag);
+ if (int(@tagbranches) == 0) {
+ if ($tag eq "v2.1.0") {
+ @tagbranches = ("master")
+ } else {
+ print "Tag $tag doesn't appear in any branch\n";
+ next;
+ }
+ }
- my @tagbranches = get_branches($tag);
- if (int(@tagbranches) == 0) {
- if ($tag eq "v2.1.0") {
- @tagbranches = ("master")
- } else {
- print "Tag $tag doesn't appear in any branch\n";
- next;
+ if (int(@tagbranches) > 1) {
+ print "Tag $tag appears in multiple branches\n";
}
- }
+ my $branch = $tagbranches[0];
- if (int(@tagbranches) > 1) {
- print "Tag $tag appears in multiple branches\n";
+ add_branch($branch);
+ add_broken_tag($branch, $tag);
}
- my $branch = $tagbranches[0];
- add_branch($branch);
- add_broken_tag($branch, $tag);
-}
-
-for my $branch (get_branches($broken)) {
- add_branch($branch);
+ for my $branch (get_branches($broken)) {
+ add_branch($branch);
+ }
}
if (defined $fixed) {
--
2.21.0
7:06 p.m.
New subject: [libvirt] [security-notice PATCH 5/9] scripts: allow for notices to have multiple commit hashes
On Mon, May 13, 2019 at 12:52:02PM +0100, Daniel P. Berrangé wrote:
Sometimes a bug may be introduced across multiple commits, or fixed
across multiple commits. We must thus honour the full list of commits.
There might not even be a broken commit listed yet.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 73 ++++++++++++++++++-------------
1 file changed, 43 insertions(+), 30 deletions(-)
More TABs.
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 6/9] scripts: optimize tag to branch mapping
The tags have a well defined naming scheme, letting us identify the
branch by simply stripping the last digit and appending '-maint'. This
eliminates the need to run a query per branch.
---
scripts/report-vulnerable-tags.pl | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 59859b1..43f344a 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -174,34 +174,31 @@ if (defined $broken) {
add_broken_tag("master", $tag);
}
+ for my $branch (get_branches($broken)) {
+ add_branch($branch);
+ }
+
# Now we need slower work to find branches for
# few remaining tags
for my $tag (get_tags("--contains", $broken)) {
-
next if exists $tags{$tag};
- my @tagbranches = get_branches($tag);
- if (int(@tagbranches) == 0) {
- if ($tag eq "v2.1.0") {
- @tagbranches = ("master")
- } else {
- print "Tag $tag doesn't appear in any branch\n";
- next;
- }
+ # Hack as tag was mistakenly not on master branch
+ if ($tag eq "v2.1.0") {
+ $branches{"master"}->{"brokentags"}->{$tag} = 1;
+ next;
}
- if (int(@tagbranches) > 1) {
- print "Tag $tag appears in multiple branches\n";
+ die "malformed tag $tag" unless $tag =~ /(v.*)\.(\d+)$/;
+ my $branch = "$1-maint";
+
+ if (!exists $branches{$branch}) {
+ print "Tag $tag mapped to branch $branch which doesn't exist\n";
+ next;
}
- my $branch = $tagbranches[0];
- add_branch($branch);
add_broken_tag($branch, $tag);
}
-
- for my $branch (get_branches($broken)) {
- add_branch($branch);
- }
}
if (defined $fixed) {
--
2.21.0
7:07 p.m.
New subject: [libvirt] [security-notice PATCH 6/9] scripts: optimize tag to branch mapping
On Mon, May 13, 2019 at 12:52:03PM +0100, Daniel P. Berrangé wrote:
The tags have a well defined naming scheme, letting us identify the
branch by simply stripping the last digit and appending '-maint'. This
eliminates the need to run a query per branch.
---
scripts/report-vulnerable-tags.pl | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 7/9] scripts: add detection of cherry-picks in branches
Look at each fix on the branch to identify if it is a recorded
cherry-pick from the fixes known for the master branch
If all fixes from master are cherry-picked to the branch, then look at
tags on the branch to identify if a bug fix release has been made
containing all the fixes.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 69 +++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 43f344a..6a0f7dc 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -99,6 +99,28 @@ sub get_branches {
return @branches;
}
+sub get_cherry_picks {
+ my $branch = shift @_;
+ my $tag = shift @_;
+
+ open GIT, "-|", "git", "log",
"$tag..origin/$branch" or
+ die "cannot query 'git log $tag..origin/$branch': $!\n";
+
+ my $commit;
+ my %cherrypicks;
+ while (<GIT>) {
+ chomp;
+
+ if (/^commit ([a-zA-Z0-9]+)/) {
+ $commit = $1;
+ } elsif (/cherry picked from commit ([a-zA-Z0-9]+)/) {
+ $cherrypicks{$1} = $commit;
+ }
+ }
+
+ return %cherrypicks;
+}
+
sub add_branch {
my $name = shift @_;
@@ -177,7 +199,54 @@ if (defined $broken) {
for my $branch (get_branches($broken)) {
add_branch($branch);
}
+}
+
+if (defined $fixed) {
+ # Try to match up fixed commit with cherry-picks
+ for my $branch (sort versioncmp keys %branches) {
+ next if $branch eq "master";
+
+ my $basetag = $branch;
+ $basetag =~ s/-maint//;
+ my @bits = split /\./, $basetag;
+
+ if (int(@bits) == 2) {
+ $basetag = $basetag . ".0";
+ }
+
+ my %cherrypicks = get_cherry_picks($branch, $basetag);
+
+ my @missing;
+ for my $commit (@fixed) {
+ if (exists $cherrypicks{$commit}) {
+ my $cherry = $cherrypicks{$commit};
+ add_fixed_commit($branch, $cherry);
+ } else {
+ push @missing, $commit;
+ }
+ }
+
+ # If all fixes on master exist on branch, then
+ # identify any tags holding the last cherry-pick
+ # so the branch gets marked as non-vulnerable.
+ if (int(@missing) == 0) {
+ my $bfixed =
$branches{$branch}->{fixedchanges}->[$#{$branches{$branch}->{fixedchanges}}];
+ # Mark any tags containing the fix as known so they
+ # get excluded when later finding vulnerable tags
+ for my $tag (get_tags("--contains", $bfixed)) {
+ $tags{$tag} = 0;
+ }
+
+ # Record the first tag in master which has the fix, if any
+ my @fixedtags = sort versioncmp get_tags("--contains", $bfixed,
"--merged", $branch);
+ if (int(@fixedtags)) {
+ add_fixed_tag($branch, $fixedtags[0]);
+ }
+ }
+ }
+}
+if (defined $broken) {
# Now we need slower work to find branches for
# few remaining tags
for my $tag (get_tags("--contains", $broken)) {
--
2.21.0
7:09 p.m.
New subject: [libvirt] [security-notice PATCH 7/9] scripts: add detection of cherry-picks in branches
On Mon, May 13, 2019 at 12:52:04PM +0100, Daniel P. Berrangé wrote:
Look at each fix on the branch to identify if it is a recorded
cherry-pick from the fixes known for the master branch
If all fixes from master are cherry-picked to the branch, then look at
tags on the branch to identify if a bug fix release has been made
containing all the fixes.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 69 +++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 8/9] scripts: fuzzy matching on subject to identify unannotated cherry picks
Sometimes fixes are mistakenly cherry picked into branches without using
the '-x' flag to record the cherry pick master commit. Add fuzzy
matching based on subject line to attempt to identify these fixes on
branches.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 46 +++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
diff --git a/scripts/report-vulnerable-tags.pl b/scripts/report-vulnerable-tags.pl
index 6a0f7dc..c37416d 100644
--- a/scripts/report-vulnerable-tags.pl
+++ b/scripts/report-vulnerable-tags.pl
@@ -121,6 +121,38 @@ sub get_cherry_picks {
return %cherrypicks;
}
+sub get_fuzzy_picks {
+ my $branch = shift @_;
+ my $tag = shift @_;
+
+ my %subjects;
+
+ for my $commit (@fixed) {
+ open GIT, "-|", "git", "show", "--no-patch",
"--format=%s", $commit
+ or die "cannot query 'git show --no-patch --format=%s $commit':
$!";
+ my $subject = <GIT>;
+ chomp $subject;
+ close GIT;
+
+ $subjects{$subject} = $commit;
+ }
+
+ open GIT, "-|", "git", "log", "--format=%H
%s", "$tag..origin/$branch" or
+ die "cannot query 'git log --format='%h %s' $tag..origin/$branch':
$!\n";
+
+ my $commit;
+ my %fuzzypicks;
+ while (<GIT>) {
+ if (/([a-zA-Z0-9]+)\s(.*)$/) {
+ if (exists $subjects{$2}) {
+ $fuzzypicks{$subjects{$2}} = $1;
+ }
+ }
+ }
+
+ return %fuzzypicks;
+}
+
sub add_branch {
my $name = shift @_;
@@ -226,6 +258,20 @@ if (defined $fixed) {
}
}
+ if (int(@missing)) {
+ my @unfixed = @missing;
+ my %fuzzypicks = get_fuzzy_picks($branch, $basetag);
+ @missing = ();
+ for my $commit (@unfixed) {
+ if (exists $fuzzypicks{$commit}) {
+ my $fuzzy = $fuzzypicks{$commit};
+ add_fixed_commit($branch, $fuzzy);
+ } else {
+ push @missing, $commit;
+ }
+ }
+ }
+
# If all fixes on master exist on branch, then
# identify any tags holding the last cherry-pick
# so the branch gets marked as non-vulnerable.
--
2.21.0
7:09 p.m.
New subject: [libvirt] [security-notice PATCH 8/9] scripts: fuzzy matching on subject to identify unannotated cherry picks
On Mon, May 13, 2019 at 12:52:05PM +0100, Daniel P. Berrangé wrote:
Sometimes fixes are mistakenly cherry picked into branches without
using
the '-x' flag to record the cherry pick master commit. Add fuzzy
matching based on subject line to attempt to identify these fixes on
branches.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
scripts/report-vulnerable-tags.pl | 46 +++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:52 p.m.
New subject: [libvirt] [security-notice PATCH 9/9] notices: re-generate all branch/tag info
Use the new script logic to regenerate all branch tag info for flaws
A few manual edits are still needed, as the script still doesn't cope
with two situations:
- The vulnerable commit from master was backported to an older
branch. We don't search older branches looking for cherry-picks
yet
- There are multiple vulnerable commits, and they were introduce
across multiple releases. This means some older branches only
contain a subset of the vulnerable commits. We don't check
which vulnerable commits are applicable to branches, instead
assuming all vulnerable commits arrived at the same time.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
notices/2008/0001.xml | 6 --
notices/2009/0001.xml | 2 +
notices/2010/0001.xml | 3 -
notices/2010/0002.xml | 3 -
notices/2010/0004.xml | 2 +-
notices/2011/0001.xml | 10 ++-
notices/2011/0002.xml | 4 ++
notices/2012/0001.xml | 14 +++-
notices/2012/0002.xml | 2 +-
notices/2012/0003.xml | 4 ++
notices/2013/0001.xml | 8 +++
notices/2013/0002.xml | 8 +++
notices/2013/0003.xml | 21 ++++++
notices/2013/0005.xml | 2 +-
notices/2013/0006.xml | 1 +
notices/2013/0007.xml | 2 +-
notices/2013/0010.xml | 16 ++++-
notices/2013/0012.xml | 28 ++++++--
notices/2013/0015.xml | 2 +-
notices/2013/0016.xml | 22 ++++--
notices/2013/0018.xml | 102 +++++++++++++-------------
notices/2013/0020.xml | 68 +++++++++++-------
notices/2013/0021.xml | 2 +-
notices/2014/0001.xml | 8 +++
notices/2014/0003.xml | 107 +++++++++++++++++++++++-----
notices/2014/0004.xml | 25 +++++--
notices/2014/0005.xml | 21 ++++--
notices/2014/0006.xml | 22 ++++--
notices/2014/0007.xml | 18 +++--
notices/2014/0008.xml | 6 +-
notices/2014/0009.xml | 5 +-
notices/2014/0010.xml | 8 ++-
notices/2015/0001.xml | 10 +--
notices/2015/0002.xml | 6 +-
notices/2015/0003.xml | 14 ++--
notices/2015/0004.xml | 13 ++--
notices/2016/0001.xml | 4 +-
notices/2016/0002.xml | 1 +
notices/2017/0001.xml | 4 +-
notices/2017/0002.xml | 6 +-
notices/2018/0001.xml | 159 ++++++++++++++++++++++++++++++++++++++++-
notices/2018/0002.xml | 158 +++++++++++++++++++++++++++++++++++++++-
notices/2018/0003.xml | 161 ++++++++++++++++++++++++++++++++++++++++-
notices/2018/0004.xml | 159 ++++++++++++++++++++++++++++++++++++++++-
notices/2018/0005.xml | 162 +++++++++++++++++++++++++++++++++++++++++-
notices/2019/0001.xml | 2 +-
notices/2019/0002.xml | 2 +-
47 files changed, 1224 insertions(+), 189 deletions(-)
diff --git a/notices/2008/0001.xml b/notices/2008/0001.xml
index 9877cd4..7d2bfcf 100644
--- a/notices/2008/0001.xml
+++ b/notices/2008/0001.xml
@@ -66,17 +66,11 @@ rule to prevent them access without first authenticating as
root.]]>
<tag state="vulnerable">v0.4.6</tag>
<tag state="vulnerable">v0.5.0</tag>
<tag state="vulnerable">v0.5.1</tag>
- <!-- virDomainSetAutostart, virNetworkSetAutostart -->
<change
state="vulnerable">57a18198814f80b1397e1a14d33746034b9dbd5c</change>
- <!-- virDomainMigrate -->
<change
state="vulnerable">81005437f4e860d6d65243473c593e4335193b13</change>
- <!-- virStoragePoolSetAutostart -->
<change
state="vulnerable">cb228a0e24266f43dbab208bd38965e511f714ee</change>
- <!-- virDomainBlockPeek -->
<change
state="vulnerable">8354895e681e8aee9bfa0290cb98123858165b91</change>
- <!-- virDomainMemoryPeek -->
<change
state="vulnerable">6bcf25017bc66ef866768c7a827dfe03c96638f0</change>
- <!-- virConnectFindStoragePoolSources -->
<change
state="vulnerable">39c9354c5ce87e1205f41af4737f970aa4f6e5dd</change>
<tag state="fixed">v0.6.0</tag>
<change
state="fixed">53611889ff93c442028828c70472151a7cf1bf4d</change>
diff --git a/notices/2009/0001.xml b/notices/2009/0001.xml
index 85aefa1..73d6316 100644
--- a/notices/2009/0001.xml
+++ b/notices/2009/0001.xml
@@ -59,6 +59,8 @@ their privileges.]]>
<tag state="vulnerable">v0.1.7</tag>
<tag state="vulnerable">v0.1.8</tag>
<tag state="vulnerable">v0.1.9</tag>
+ <tag state="vulnerable">v0.1.10</tag>
+ <tag state="vulnerable">v0.1.11</tag>
<tag state="vulnerable">v0.2.0</tag>
<tag state="vulnerable">v0.2.1</tag>
<tag state="vulnerable">v0.2.2</tag>
diff --git a/notices/2010/0001.xml b/notices/2010/0001.xml
index e197557..874ed8a 100644
--- a/notices/2010/0001.xml
+++ b/notices/2010/0001.xml
@@ -57,11 +57,8 @@ expected to be a raw disks file and writing a qcow2 header into
it.]]>
<tag state="vulnerable">v0.8.0</tag>
<tag state="vulnerable">v0.8.1</tag>
<tag state="vulnerable">v0.8.2</tag>
- <!-- SELinux driver -->
<change
state="vulnerable">fe627697a3830cd2db0efcc201d8caa9e171263d</change>
- <!-- DAC driver -->
<change
state="vulnerable">15f5eaa09895d68b849a0b0ec458acdafe75d080</change>
- <!-- CGroups driver -->
<change
state="vulnerable">117d04fb1d388df700cc37c4d2a68189fab280c0</change>
<tag state="fixed">v0.8.3</tag>
<change
state="fixed">68719c4bddb85fbcc931a5b7d99ac7c8a0af09b0</change>
diff --git a/notices/2010/0002.xml b/notices/2010/0002.xml
index 97e7553..f8fb356 100644
--- a/notices/2010/0002.xml
+++ b/notices/2010/0002.xml
@@ -58,11 +58,8 @@ expected to be a raw backing file and writing a qcow2 header into
it.]]>
<tag state="vulnerable">v0.8.0</tag>
<tag state="vulnerable">v0.8.1</tag>
<tag state="vulnerable">v0.8.2</tag>
- <!-- SELinux driver -->
<change
state="vulnerable">fe627697a3830cd2db0efcc201d8caa9e171263d</change>
- <!-- DAC driver -->
<change
state="vulnerable">15f5eaa09895d68b849a0b0ec458acdafe75d080</change>
- <!-- CGroups driver -->
<change
state="vulnerable">117d04fb1d388df700cc37c4d2a68189fab280c0</change>
<tag state="fixed">v0.8.3</tag>
<change
state="fixed">68719c4bddb85fbcc931a5b7d99ac7c8a0af09b0</change>
diff --git a/notices/2010/0004.xml b/notices/2010/0004.xml
index 0403f50..080114d 100644
--- a/notices/2010/0004.xml
+++ b/notices/2010/0004.xml
@@ -86,7 +86,7 @@ network.]]>
<tag state="vulnerable">v0.8.1</tag>
<tag state="vulnerable">v0.8.2</tag>
<change
state="vulnerable">3ea88b568d7f5550ac399f310d2a4488bc31618d</change>
- <tag state="vulnerable">v0.8.3</tag>
+ <tag state="fixed">v0.8.3</tag>
<change
state="fixed">c567853089a2764c964002dd752e09e318524a38</change>
</branch>
</product>
diff --git a/notices/2011/0001.xml b/notices/2011/0001.xml
index b132ae4..a24dd0f 100644
--- a/notices/2011/0001.xml
+++ b/notices/2011/0001.xml
@@ -76,16 +76,20 @@ rule to prevent them access without first authenticating as
root.]]>
<tag state="vulnerable">v0.8.4</tag>
<tag state="vulnerable">v0.8.5</tag>
<tag state="vulnerable">v0.8.6</tag>
+ <tag state="vulnerable">v0.8.7</tag>
<tag state="vulnerable">v0.8.8</tag>
- <!-- virNodeDeviceDettach, virNodeDeviceReAttach, virNodeDeviceReset -->
<change
state="vulnerable">737af2ea04aa1eb954635bd90d0dbcffdd7ff734</change>
- <!-- virConnectDomainXMLToNative -->
<change
state="vulnerable">4d5383fd36c64a83520c9a6e09c946c4ba86cc29</change>
- <!-- virDomainRevertToSnapshot, virDomainSnapshotDelete -->
<change
state="vulnerable">2f992d4be4c6157feec4f88ac586f2c50a8fd466</change>
<tag state="fixed">v0.9.0</tag>
<change
state="fixed">71753cb7f7a16ff800381c0b5ee4e99eea92fed3</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">737af2ea04aa1eb954635bd90d0dbcffdd7ff734</change>
+ <change
state="vulnerable">4d5383fd36c64a83520c9a6e09c946c4ba86cc29</change>
+ <change
state="vulnerable">2f992d4be4c6157feec4f88ac586f2c50a8fd466</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2011/0002.xml b/notices/2011/0002.xml
index f086a4d..92d5c8f 100644
--- a/notices/2011/0002.xml
+++ b/notices/2011/0002.xml
@@ -74,6 +74,10 @@ daemon itself may crash.]]>
<tag state="fixed">v0.9.0</tag>
<change
state="fixed">f44bfb7fb978c9313ce050a1c4149bf04aa0a670</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">4a00119a0ac6828b0f54ed8ecc9f4c338e167d6b</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2012/0001.xml b/notices/2012/0001.xml
index 2e246c8..ae9bf94 100644
--- a/notices/2012/0001.xml
+++ b/notices/2012/0001.xml
@@ -97,6 +97,10 @@ DNS ports on the virtualization host]]>
<tag state="fixed">v1.0.1</tag>
<change
state="fixed">753ff83a50263d6975f88d6605d4b5ddfcc97560</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">038b434f144fa9d24c6e4e9988707ee114973a8a</change>
+ </branch>
<branch>
<name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
@@ -114,15 +118,15 @@ DNS ports on the virtualization host]]>
<tag state="vulnerable">v0.9.11.5</tag>
<tag state="vulnerable">v0.9.11.6</tag>
<tag state="vulnerable">v0.9.11.7</tag>
- <tag state="vulnerable">v0.9.11.8</tag>
- <tag state="vulnerable">v0.9.11.9</tag>
- <tag state="vulnerable">v0.9.11.10</tag>
<change
state="vulnerable">038b434f144fa9d24c6e4e9988707ee114973a8a</change>
+ <tag state="fixed">v0.9.11.8</tag>
+ <change
state="fixed">2abde0ac0740e57c47ed684ce0d56195b977bdb3</change>
</branch>
<branch>
<name>v0.9.12-maint</name>
<tag state="vulnerable">v0.9.12.1</tag>
<tag state="vulnerable">v0.9.12.2</tag>
+ <tag state="vulnerable">v0.9.12.3</tag>
<change
state="vulnerable">038b434f144fa9d24c6e4e9988707ee114973a8a</change>
</branch>
<branch>
@@ -132,6 +136,10 @@ DNS ports on the virtualization host]]>
<tag state="fixed">v0.10.2.2</tag>
<change
state="fixed">3fbab08a52fd8cabbf5639c6badd34ceff3e53fe</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">038b434f144fa9d24c6e4e9988707ee114973a8a</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2012/0002.xml b/notices/2012/0002.xml
index 6f86c38..73e384f 100644
--- a/notices/2012/0002.xml
+++ b/notices/2012/0002.xml
@@ -66,7 +66,7 @@ non-allocated memory.]]>
<change
state="vulnerable">40624d32fb54920e4aa434fbb2b8999d17e02931</change>
<tag state="fixed">v0.9.11.5</tag>
<change
state="fixed">45d6729f98e9842b139b809078d43f1f7a8c779b</change>
- </branch>
+ </branch>
<branch>
<name>v0.9.12-maint</name>
<change
state="vulnerable">40624d32fb54920e4aa434fbb2b8999d17e02931</change>
diff --git a/notices/2012/0003.xml b/notices/2012/0003.xml
index 08eff49..9c5d527 100644
--- a/notices/2012/0003.xml
+++ b/notices/2012/0003.xml
@@ -81,6 +81,10 @@ malicious user from connecting to libvirtd.]]>
<tag state="fixed">v0.10.2</tag>
<change
state="fixed">b7ff9e696063189a715802d081d55a398663c15a</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">a147ef38374f17c3d02b7db8e857ca33c5c346f9</change>
+ </branch>
<branch>
<name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
diff --git a/notices/2013/0001.xml b/notices/2013/0001.xml
index cd63df3..97d8949 100644
--- a/notices/2013/0001.xml
+++ b/notices/2013/0001.xml
@@ -89,6 +89,14 @@ to crash]]>
<tag state="fixed">v0.10.2.3</tag>
<change
state="fixed">f104a2a6b36aa6f4842c0a64354055657c0df8e2</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">b2c62316477989f8d728af49bdac8248ab5f5463</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">b2c62316477989f8d728af49bdac8248ab5f5463</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2013/0002.xml b/notices/2013/0002.xml
index 42928cc..6959501 100644
--- a/notices/2013/0002.xml
+++ b/notices/2013/0002.xml
@@ -65,6 +65,14 @@ service]]>
<tag state="fixed">v0.10.2.5</tag>
<change
state="fixed">0f2eda0da9efd25b280c23a5a0d0fdf46f0c3c67</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">a8bac1c0f3b9ff8dd3982a7086d45466055ea0d1</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">a8bac1c0f3b9ff8dd3982a7086d45466055ea0d1</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">a8bac1c0f3b9ff8dd3982a7086d45466055ea0d1</change>
diff --git a/notices/2013/0003.xml b/notices/2013/0003.xml
index adf67c7..509f0ec 100644
--- a/notices/2013/0003.xml
+++ b/notices/2013/0003.xml
@@ -68,6 +68,26 @@ interfaces.]]>
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -78,6 +98,7 @@ interfaces.]]>
<tag state="vulnerable">v1.0.5.6</tag>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
+ <tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">a3cf061c824aac0c4cb06ac91ac0bff612bf0e86</change>
</branch>
<branch>
diff --git a/notices/2013/0005.xml b/notices/2013/0005.xml
index e658f53..6609e8b 100644
--- a/notices/2013/0005.xml
+++ b/notices/2013/0005.xml
@@ -45,7 +45,7 @@ crash the libvirtd daemon resulting in a denial of service.]]>
<name>master</name>
<tag state="vulnerable">v1.1.0</tag>
<change
state="vulnerable">3099c063e348fdc79a900f88bcfc5389dada7786</change>
- <tag state="vulnerable">v1.1.1</tag>
+ <tag state="fixed">v1.1.1</tag>
<change
state="fixed">dfc692350a04a70b4ca65667c30869b3bfdaf034</change>
</branch>
<branch>
diff --git a/notices/2013/0006.xml b/notices/2013/0006.xml
index 8121947..abd4d5e 100644
--- a/notices/2013/0006.xml
+++ b/notices/2013/0006.xml
@@ -48,6 +48,7 @@ or deny the permission bits in the access control policy.]]>
<name>master</name>
<tag state="vulnerable">v1.1.0</tag>
<change
state="vulnerable">d47eff88fe50e43a36671f6d8d0eeda52835d5e0</change>
+ <tag state="fixed">v1.1.1</tag>
<change
state="fixed">96518d4316b711c72205117f8d5c967d5127bbb6</change>
</branch>
<branch>
diff --git a/notices/2013/0007.xml b/notices/2013/0007.xml
index be8f45a..55ba600 100644
--- a/notices/2013/0007.xml
+++ b/notices/2013/0007.xml
@@ -45,11 +45,11 @@ list of inactive domains on a Xen host]]>
<name>master</name>
<tag state="vulnerable">v1.1.1</tag>
<change
state="vulnerable">632180d14f4a4934436ee4c9ebd8f6b8feed671f</change>
+ <tag state="fixed">v1.1.2</tag>
<change
state="fixed">0e671a1646df543eab683b38f6644f70d12fbee1</change>
</branch>
<branch>
<name>v1.1.1-maint</name>
- <tag state="vulnerable"></tag>
<change
state="vulnerable">632180d14f4a4934436ee4c9ebd8f6b8feed671f</change>
<change
state="fixed">673ff0d7ea937b104c67161843949e83b8080c3b</change>
</branch>
diff --git a/notices/2013/0010.xml b/notices/2013/0010.xml
index f745cd5..27515b0 100644
--- a/notices/2013/0010.xml
+++ b/notices/2013/0010.xml
@@ -102,8 +102,9 @@ access control framework.]]>
</branch>
<branch>
<name>v0.9.12-maint</name>
+ <tag state="vulnerable">v0.9.12.1</tag>
<change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
- <tag state="fixed">v0.9.12.1</tag>
+ <tag state="fixed">v0.9.12.2</tag>
<change
state="fixed">2f34eae93a09ac94297eaa91ad8f4b037b2c9e27</change>
</branch>
<branch>
@@ -119,6 +120,14 @@ access control framework.]]>
<tag state="fixed">v0.10.2.8</tag>
<change
state="fixed">455de1215cc921efcd2b210f129f55c27445d623</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
@@ -160,6 +169,11 @@ access control framework.]]>
<change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
<change
state="fixed">f229972fd92374eed356c3ede74b886ebe77734e</change>
</branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">158ba8730e44b7dd07a21ab90499996c5dec080a</change>
+ <change
state="fixed">10d159fee27d007de42890626340c581cd12d788</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2013/0012.xml b/notices/2013/0012.xml
index cb0acce..1560fb6 100644
--- a/notices/2013/0012.xml
+++ b/notices/2013/0012.xml
@@ -51,7 +51,6 @@ server and use of the polkit access control driver.]]>
<repository>libvirt.git</repository>
<branch>
<name>master</name>
- <tag state="vulnerable">v0.7.0</tag>
<tag state="vulnerable">v0.7.1</tag>
<tag state="vulnerable">v0.7.2</tag>
<tag state="vulnerable">v0.7.3</tag>
@@ -98,6 +97,11 @@ server and use of the polkit access control driver.]]>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
<tag state="fixed">v1.1.3</tag>
<change
state="fixed">922b7fda77b094dbf022d625238262ea05335666</change>
+ <change
state="fixed">e4697b92abaad16e8e6b41a1e55be9b084d48d5a</change>
+ </branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
</branch>
<branch>
<name>v0.9.6-maint</name>
@@ -123,8 +127,10 @@ server and use of the polkit access control driver.]]>
</branch>
<branch>
<name>v0.9.12-maint</name>
+ <tag state="vulnerable">v0.9.12.1</tag>
+ <tag state="vulnerable">v0.9.12.2</tag>
+ <tag state="vulnerable">v0.9.12.3</tag>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
- <tag state="fixed">v0.9.12.1</tag>
<change
state="fixed">078627104d338b8de18156a7162d9b19378c5e88</change>
</branch>
<branch>
@@ -136,10 +142,18 @@ server and use of the polkit access control driver.]]>
<tag state="vulnerable">v0.10.2.5</tag>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
+ <tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
- <tag state="fixed">v0.10.2.8</tag>
<change
state="fixed">77d448e15d73773d5ffe00b62dbdbc0380c4faae</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
@@ -162,8 +176,11 @@ server and use of the polkit access control driver.]]>
<tag state="vulnerable">v1.0.5.3</tag>
<tag state="vulnerable">v1.0.5.4</tag>
<tag state="vulnerable">v1.0.5.5</tag>
+ <tag state="vulnerable">v1.0.5.6</tag>
+ <tag state="vulnerable">v1.0.5.7</tag>
+ <tag state="vulnerable">v1.0.5.8</tag>
+ <tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
- <tag state="fixed">v1.0.5.6</tag>
<change
state="fixed">85ca41529db49a5e0ff633eaa891136218c03645</change>
</branch>
<branch>
@@ -174,16 +191,19 @@ server and use of the polkit access control driver.]]>
<branch>
<name>v1.1.0-maint</name>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
+ <change
state="fixed">d014e3eb084a0b3388bd351b9ce2d90e54234b4e</change>
<change
state="fixed">15033105c262ce115a05c8cba4951752b556fbe8</change>
</branch>
<branch>
<name>v1.1.1-maint</name>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
+ <change
state="fixed">003b655e009597c514082ec832e96bfd78fdbece</change>
<change
state="fixed">7659e912c5e6d152210e7084d57770ea10335a3a</change>
</branch>
<branch>
<name>v1.1.2-maint</name>
<change
state="vulnerable">8e06c8b3da889899072d4ff051f3325fc4e4f58d</change>
+ <change
state="fixed">8616dc8b4f3bf0537cb316eb1465d213012d131f</change>
<change
state="fixed">2a32bbbfb118d68071bb0a107b20a5ffdfdc6808</change>
</branch>
</product>
diff --git a/notices/2013/0015.xml b/notices/2013/0015.xml
index fb97f80..ca363e6 100644
--- a/notices/2013/0015.xml
+++ b/notices/2013/0015.xml
@@ -49,7 +49,7 @@ could cause the libvirtd daemon to execute arbitrary binaries as
root]]>
<tag state="vulnerable">v1.1.2</tag>
<tag state="vulnerable">v1.1.3</tag>
<change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
- <tag state="fixed">1.1.4</tag>
+ <tag state="fixed">v1.1.4</tag>
<change
state="fixed">57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c</change>
</branch>
<branch>
diff --git a/notices/2013/0016.xml b/notices/2013/0016.xml
index d4dc4f3..75ca0ac 100644
--- a/notices/2013/0016.xml
+++ b/notices/2013/0016.xml
@@ -68,12 +68,27 @@ daemon]]>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
<change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
- <change state="fixed">v0.10.2.8</change>
+ <tag state="fixed">v0.10.2.8</tag>
<change
state="fixed">ecad40d8b84864bee4495d1447902a6206a39a4d</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
+ </branch>
<branch>
<name>v1.0.4-maint</name>
- <tag state="vulnerable"></tag>
<change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
<change
state="fixed">b68a721d45085115d9d1ffd5329aff1fdaf1845a</change>
</branch>
@@ -90,19 +105,16 @@ daemon]]>
</branch>
<branch>
<name>v1.0.6-maint</name>
- <tag state="vulnerable"></tag>
<change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
<change
state="fixed">c56f17e5435858f30471eb3da3a19a3ccd9d5a3b</change>
</branch>
<branch>
<name>v1.1.0-maint</name>
- <tag state="vulnerable"></tag>
<change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
<change
state="fixed">7d7e29bb939e3caabe8ddfef42bb44c0011436f3</change>
</branch>
<branch>
<name>v1.1.1-maint</name>
- <tag state="vulnerable"></tag>
<change
state="vulnerable">0fc89098a68f0f6962de8be4fc03ddd960ffbf08</change>
<change
state="fixed">02340c7f67c381395aeede4586bd3b1ff3f5d291</change>
</branch>
diff --git a/notices/2013/0018.xml b/notices/2013/0018.xml
index 01f6163..1beed4d 100644
--- a/notices/2013/0018.xml
+++ b/notices/2013/0018.xml
@@ -73,7 +73,7 @@ unless the guest OS is trusted.]]>
<tag state="vulnerable">v1.0.4</tag>
<tag state="vulnerable">v1.0.5</tag>
<tag state="vulnerable">v1.0.6</tag>
- <tag state="vulnerable">v1.0.0</tag>
+ <tag state="vulnerable">v1.1.0</tag>
<tag state="vulnerable">v1.1.1</tag>
<tag state="vulnerable">v1.1.2</tag>
<tag state="vulnerable">v1.1.3</tag>
@@ -85,9 +85,7 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <!--
<tag state="fixed">v1.2.2</tag>
- -->
<change
state="fixed">aebbcdd33c8c18891f0bdbbf8924599a28152c9c</change>
<change
state="fixed">4dd3a7d5bc44980135a1b11810ba9aeab42a4a59</change>
<change
state="fixed">7fba01c15c1f886b4235825692b4c13e88dd9f7b</change>
@@ -95,6 +93,14 @@ unless the guest OS is trusted.]]>
<change
state="fixed">1cadeafcaa422844a27ef622e2a7041d0235bcb3</change>
<change
state="fixed">5fc590ad9f4071350a8df4d567ba88baacc8334d</change>
</branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">cbb106f807b32f1f6af22d1e92fe0ff9ba6d73b3</change>
+ <change
state="vulnerable">de858e3fa7ffcab5f80d07f8a74d94cbaf8716b9</change>
+ <change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
+ <change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
+ <change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">cbb106f807b32f1f6af22d1e92fe0ff9ba6d73b3</change>
@@ -135,12 +141,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">f84056cf6166332b1f15f3e6584a88f5d42273fe</change>
- <change
state="fixed">0e9fee68b3bff24e4d3ab48de8129946202f3bc0</change>
- <change
state="fixed">9849cf6d89e5665667a0df449ddc3fd5582da242</change>
- <change
state="fixed">21821ed4d1faf5bf563a26e8ac7cd2eb0450d322</change>
- <change
state="fixed">e57058cfe827b1971ca0dee224ff273c9cad7756</change>
<change
state="fixed">e1e7e05376faf1ed471cb5c1d1e0415458f2af7d</change>
+ <change
state="fixed">e57058cfe827b1971ca0dee224ff273c9cad7756</change>
+ <change
state="fixed">21821ed4d1faf5bf563a26e8ac7cd2eb0450d322</change>
+ <change
state="fixed">9849cf6d89e5665667a0df449ddc3fd5582da242</change>
+ <change
state="fixed">0e9fee68b3bff24e4d3ab48de8129946202f3bc0</change>
+ <change
state="fixed">f84056cf6166332b1f15f3e6584a88f5d42273fe</change>
</branch>
<branch>
<name>v1.0.6-maint</name>
@@ -149,12 +155,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">e9941eee1a3c1cb0af7bc39076eb0e8c2c4eb603</change>
- <change
state="fixed">84cf9af8d9a803f2e12df0b8b0c2bd2de544cf93</change>
- <change
state="fixed">f8706947b86e6de2961aacddb5eb2345d9c033b4</change>
- <change
state="fixed">081e0fabfd8c0f5c3f2c869ddcf11710c445a962</change>
- <change
state="fixed">b2a853e1f6aea9683a30eafd2b069b8be0fcf898</change>
<change
state="fixed">bd9ec4506e29a9ce682961eee99d0326ed64145d</change>
+ <change
state="fixed">b2a853e1f6aea9683a30eafd2b069b8be0fcf898</change>
+ <change
state="fixed">081e0fabfd8c0f5c3f2c869ddcf11710c445a962</change>
+ <change
state="fixed">f8706947b86e6de2961aacddb5eb2345d9c033b4</change>
+ <change
state="fixed">84cf9af8d9a803f2e12df0b8b0c2bd2de544cf93</change>
+ <change
state="fixed">e9941eee1a3c1cb0af7bc39076eb0e8c2c4eb603</change>
</branch>
<branch>
<name>v1.1.0-maint</name>
@@ -163,12 +169,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">61c7e0b66e8b37d4ea64024c100d2ed467d5cb47</change>
- <change
state="fixed">43720035b7f4c175ef2594296d874bc1910840b3</change>
- <change
state="fixed">212414281f0001da78f2312d7f52dcf124317fc9</change>
- <change
state="fixed">c17dd7ede2affd147ffdc5e8daef85939bda0dd0</change>
- <change
state="fixed">ed46a680a02cf96b229a89f74ddbab69522c9ef5</change>
<change
state="fixed">807db4a30ee903f973d496b3293d9e6aaa511174</change>
+ <change
state="fixed">ed46a680a02cf96b229a89f74ddbab69522c9ef5</change>
+ <change
state="fixed">c17dd7ede2affd147ffdc5e8daef85939bda0dd0</change>
+ <change
state="fixed">212414281f0001da78f2312d7f52dcf124317fc9</change>
+ <change
state="fixed">43720035b7f4c175ef2594296d874bc1910840b3</change>
+ <change
state="fixed">61c7e0b66e8b37d4ea64024c100d2ed467d5cb47</change>
</branch>
<branch>
<name>v1.1.1-maint</name>
@@ -177,12 +183,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">6ecb7bc3aed7f60edad5289c9b0cfcf99eee6611</change>
- <change
state="fixed">72a4c29ca72789b13de1ed9cb96df9fb2b0fdde4</change>
- <change
state="fixed">83f83508e128275bd1b74988162dc6b9f86e00ee</change>
- <change
state="fixed">398c88edfaef50b9b59eb2d9a61b07c9c940a661</change>
- <change
state="fixed">dd055960df60c536957664f0ae3c591feecf7b09</change>
<change
state="fixed">14d69bd00e4455a1d174d14c5af73975cf9e904a</change>
+ <change
state="fixed">dd055960df60c536957664f0ae3c591feecf7b09</change>
+ <change
state="fixed">398c88edfaef50b9b59eb2d9a61b07c9c940a661</change>
+ <change
state="fixed">83f83508e128275bd1b74988162dc6b9f86e00ee</change>
+ <change
state="fixed">72a4c29ca72789b13de1ed9cb96df9fb2b0fdde4</change>
+ <change
state="fixed">6ecb7bc3aed7f60edad5289c9b0cfcf99eee6611</change>
</branch>
<branch>
<name>v1.1.2-maint</name>
@@ -191,12 +197,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">f639b2d17ce935b650bb2aca7bdd8d727cab8b02</change>
- <change
state="fixed">a06bdfcb446f182e490f70422a8431c3bcb2c801</change>
- <change
state="fixed">77ddbad2a9272239a09673c5d6993793308514e9</change>
- <change
state="fixed">a6e9270ec79924fabd5a872984bb5d38eaf3df8a</change>
- <change
state="fixed">eae2a2ada81c5828991bb1b9438f7556a7e51ce8</change>
<change
state="fixed">21368274a9aa91e8a5f0addb3a6bba8dad91e334</change>
+ <change
state="fixed">eae2a2ada81c5828991bb1b9438f7556a7e51ce8</change>
+ <change
state="fixed">a6e9270ec79924fabd5a872984bb5d38eaf3df8a</change>
+ <change
state="fixed">77ddbad2a9272239a09673c5d6993793308514e9</change>
+ <change
state="fixed">a06bdfcb446f182e490f70422a8431c3bcb2c801</change>
+ <change
state="fixed">f639b2d17ce935b650bb2aca7bdd8d727cab8b02</change>
</branch>
<branch>
<name>v1.1.3-maint</name>
@@ -209,12 +215,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
<tag state="fixed">v1.1.3.4</tag>
- <change
state="fixed">a3a3cfcb7c400bcde198b5b929ff2d4f889dee78</change>
- <change
state="fixed">cb016b9ef1a6d786657a98546db8412f86510367</change>
- <change
state="fixed">72e379ed93b4707e26bbc5e3457a85833f50eb1a</change>
- <change
state="fixed">fcf05c194cb1cca6b5c703073b97ed1408a2c546</change>
- <change
state="fixed">d5c0b57fffbe651c425b4de6c11712030cce7e7e</change>
<change
state="fixed">fef343339127b989746214b86901553da6d17863</change>
+ <change
state="fixed">d5c0b57fffbe651c425b4de6c11712030cce7e7e</change>
+ <change
state="fixed">fcf05c194cb1cca6b5c703073b97ed1408a2c546</change>
+ <change
state="fixed">72e379ed93b4707e26bbc5e3457a85833f50eb1a</change>
+ <change
state="fixed">cb016b9ef1a6d786657a98546db8412f86510367</change>
+ <change
state="fixed">a3a3cfcb7c400bcde198b5b929ff2d4f889dee78</change>
</branch>
<branch>
<name>v1.1.4-maint</name>
@@ -223,12 +229,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">28681077373f1fa567b7f56117a22047f90925fe</change>
- <change
state="fixed">0e931dfcda308fbb84eef42bc92e257e39af083d</change>
- <change
state="fixed">3101022b4d4fee46916b87b1c21a3956a91d94b2</change>
- <change
state="fixed">1d1daaf58677cfa843b6891a98dc6cdb42116434</change>
- <change
state="fixed">80f57ec4224af65392db09fb8f47be7434e2fc86</change>
<change
state="fixed">ba4065b6f64fca7706070b8458fdf0bc06115b9b</change>
+ <change
state="fixed">80f57ec4224af65392db09fb8f47be7434e2fc86</change>
+ <change
state="fixed">1d1daaf58677cfa843b6891a98dc6cdb42116434</change>
+ <change
state="fixed">3101022b4d4fee46916b87b1c21a3956a91d94b2</change>
+ <change
state="fixed">0e931dfcda308fbb84eef42bc92e257e39af083d</change>
+ <change
state="fixed">28681077373f1fa567b7f56117a22047f90925fe</change>
</branch>
<branch>
<name>v1.2.0-maint</name>
@@ -237,12 +243,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">3e97a53caa9adddd47da1c22dbed81ef2e02f735</change>
- <change
state="fixed">17188260657e095f5d210bc73ba1661875a8f885</change>
- <change
state="fixed">70665ec5f2cd910666bc703727dc6d7c15efe7bf</change>
- <change
state="fixed">3f43a7727ac068de8aac6b9c030b38fb3cb1426d</change>
- <change
state="fixed">cd48d62aca488a116b47073be2607653a1d3305e</change>
<change
state="fixed">8fca7a4fa6b40d21723008d2092536349f20517d</change>
+ <change
state="fixed">cd48d62aca488a116b47073be2607653a1d3305e</change>
+ <change
state="fixed">3f43a7727ac068de8aac6b9c030b38fb3cb1426d</change>
+ <change
state="fixed">70665ec5f2cd910666bc703727dc6d7c15efe7bf</change>
+ <change
state="fixed">17188260657e095f5d210bc73ba1661875a8f885</change>
+ <change
state="fixed">3e97a53caa9adddd47da1c22dbed81ef2e02f735</change>
</branch>
<branch>
<name>v1.2.1-maint</name>
@@ -251,12 +257,12 @@ unless the guest OS is trusted.]]>
<change
state="vulnerable">ed77abc58bc5a6837a5021f26e1a335dbfb477bf</change>
<change
state="vulnerable">a5efb3190913b6903775ca3756f79443d4ea8a5b</change>
<change
state="vulnerable">4ad6a013304f6fe29b0866742c902054bfbcf23f</change>
- <change
state="fixed">8b546028f901dc414463678574ceabbacc37c4cb</change>
- <change
state="fixed">b0ed2d94ace3c57198ce7b4793f906abf5397e36</change>
- <change
state="fixed">ee1269eecd3566729f3909db624f7ebd7bf1b84a</change>
- <change
state="fixed">b9997828231b3492252cb6d9a0ad4f3dc522791e</change>
- <change
state="fixed">51a897a22e1c031edd46fd077487a2f8e649cb9f</change>
<change
state="fixed">ad52184399aa414fa3d7e2756e4ea6a45ec0d3a3</change>
+ <change
state="fixed">51a897a22e1c031edd46fd077487a2f8e649cb9f</change>
+ <change
state="fixed">b9997828231b3492252cb6d9a0ad4f3dc522791e</change>
+ <change
state="fixed">ee1269eecd3566729f3909db624f7ebd7bf1b84a</change>
+ <change
state="fixed">b0ed2d94ace3c57198ce7b4793f906abf5397e36</change>
+ <change
state="fixed">8b546028f901dc414463678574ceabbacc37c4cb</change>
</branch>
</product>
diff --git a/notices/2013/0020.xml b/notices/2013/0020.xml
index 1e0bf93..cff2f52 100644
--- a/notices/2013/0020.xml
+++ b/notices/2013/0020.xml
@@ -60,7 +60,6 @@ actions is sufficient to avoid the problem.]]>
<repository>libvirt.git</repository>
<branch>
<name>master</name>
- <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
<tag state="vulnerable">v0.8.2</tag>
<tag state="vulnerable">v0.8.3</tag>
<tag state="vulnerable">v0.8.4</tag>
@@ -70,15 +69,12 @@ actions is sufficient to avoid the problem.]]>
<tag state="vulnerable">v0.8.8</tag>
<tag state="vulnerable">v0.9.0</tag>
<tag state="vulnerable">v0.9.1</tag>
- <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
<tag state="vulnerable">v0.9.2</tag>
<tag state="vulnerable">v0.9.3</tag>
- <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
<tag state="vulnerable">v0.9.4</tag>
<tag state="vulnerable">v0.9.5</tag>
<tag state="vulnerable">v0.9.6</tag>
<tag state="vulnerable">v0.9.7</tag>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v0.9.8</tag>
<tag state="vulnerable">v0.9.9</tag>
<tag state="vulnerable">v0.9.10</tag>
@@ -101,6 +97,10 @@ actions is sufficient to avoid the problem.]]>
<tag state="vulnerable">v1.1.3</tag>
<tag state="vulnerable">v1.1.4</tag>
<tag state="vulnerable">v1.2.0</tag>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="fixed">v1.2.1</tag>
<change
state="fixed">db86da5ca2109e4006c286a09b6c75bfe10676ad</change>
<change
state="fixed">b799259583bd65c0b2f5042e6c3ff19637ade881</change>
@@ -110,23 +110,23 @@ actions is sufficient to avoid the problem.]]>
<branch>
<name>v0.8.3-maint</name>
<change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
</branch>
<branch>
<name>v0.9.6-maint</name>
- <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
- <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
- <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
<tag state="vulnerable">v0.9.6.1</tag>
<tag state="vulnerable">v0.9.6.2</tag>
<tag state="vulnerable">v0.9.6.3</tag>
<tag state="vulnerable">v0.9.6.4</tag>
- </branch>
- <branch>
- <name>v0.9.11-maint</name>
<change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
<change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
<change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
<change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ </branch>
+ <branch>
+ <name>v0.9.11-maint</name>
<tag state="vulnerable">v0.9.11.1</tag>
<tag state="vulnerable">v0.9.11.2</tag>
<tag state="vulnerable">v0.9.11.3</tag>
@@ -137,27 +137,27 @@ actions is sufficient to avoid the problem.]]>
<tag state="vulnerable">v0.9.11.8</tag>
<tag state="vulnerable">v0.9.11.9</tag>
<tag state="vulnerable">v0.9.11.10</tag>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
</branch>
<branch>
<name>v0.9.12-maint</name>
+ <tag state="vulnerable">v0.9.12.1</tag>
+ <tag state="vulnerable">v0.9.12.2</tag>
<change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
<change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
<change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
<change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
- <tag state="vulnerable">v0.9.12.1</tag>
- <tag state="vulnerable">v0.9.12.2</tag>
+ <tag state="fixed">v0.9.12.3</tag>
<change
state="fixed">c430c002dd8287c5d7b834993ddfbd61435248c4</change>
<change
state="fixed">4dd29d3bdf4bf3a4c4b1077ddf4355bcf548ca2f</change>
<change
state="fixed">3e7d9e54e9ce286fe1bee5d32089cd58d63e5cee</change>
<change
state="fixed">2786686eb5855e0046817d47055cd784881ca8cb</change>
- <tag state="fixed">v0.9.12.3</tag>
</branch>
<branch>
<name>v0.10.2-maint</name>
- <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
- <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
- <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v0.10.2.1</tag>
<tag state="vulnerable">v0.10.2.2</tag>
<tag state="vulnerable">v0.10.2.3</tag>
@@ -166,11 +166,29 @@ actions is sufficient to avoid the problem.]]>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
<tag state="vulnerable">v0.10.2.8</tag>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<change
state="fixed">5f5e9eb23dead857b1858da8b97a6cb0442fabed</change>
<change
state="fixed">7a9bcfa1ccc190e33e6fa931df8143cc9623cf24</change>
<change
state="fixed">95836cb26b1d91b8e9eba0c4764bc24cccc78684</change>
<change
state="fixed">f59d02c487659e9d9f8e152673a0fe4d612172b2</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
@@ -206,10 +224,6 @@ actions is sufficient to avoid the problem.]]>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
- <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
- <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -218,11 +232,15 @@ actions is sufficient to avoid the problem.]]>
<tag state="vulnerable">v1.0.5.6</tag>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
+ <change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
+ <change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
+ <change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ <tag state="fixed">v1.0.5.9</tag>
<change
state="fixed">c67b0de046b16dca352537e8f39ff935a5fded76</change>
<change
state="fixed">923319189022c5806da01b963dddd8dff0d6c747</change>
<change
state="fixed">6cd879829aaf02f56182feb16b4284d5b3fdcfd7</change>
<change
state="fixed">dee5fc756648e62062da3366583fc343413e1ba7</change>
- <tag state="fixed">v1.0.5.9</tag>
</branch>
<branch>
<name>v1.0.6-maint</name>
@@ -270,17 +288,17 @@ actions is sufficient to avoid the problem.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
+ <tag state="vulnerable">v1.1.3.1</tag>
+ <tag state="vulnerable">v1.1.3.2</tag>
<change
state="vulnerable">ebb0c19c48690f0598de954f8e0e9d4d29d48b85</change>
<change
state="vulnerable">18c2a592064d69499f70428e498f4a3cb5161cda</change>
<change
state="vulnerable">b976165ca4d82788be77d14843a4d079139539ba</change>
<change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
- <tag state="vulnerable">v1.1.3.1</tag>
- <tag state="vulnerable">v1.1.3.2</tag>
+ <tag state="fixed">v1.1.3.3</tag>
<change
state="fixed">1bfc35e3f837ab7b399fe664281b7db06db96a05</change>
<change
state="fixed">0e98442e3bcbf832f49a6d36f94558bb026e3f3a</change>
<change
state="fixed">7354aaf4607beaa9f4a6d68e3b26a28c97494e58</change>
<change
state="fixed">a7844b9ec2718dad9f5e5316cc0673e95098d812</change>
- <tag state="fixed">v1.1.3.3</tag>
</branch>
<branch>
<name>v1.1.4-maint</name>
diff --git a/notices/2013/0021.xml b/notices/2013/0021.xml
index c961fd8..bc2762d 100644
--- a/notices/2013/0021.xml
+++ b/notices/2013/0021.xml
@@ -54,10 +54,10 @@ migration is sufficient to avoid the problem.]]>
<repository>libvirt.git</repository>
<branch>
<name>master</name>
- <change
state="vulnerable">9da7b11bcd3e9732dd881a9e6158a0c98bafd9fe</change>
<tag state="vulnerable">v1.1.0</tag>
<tag state="vulnerable">v1.1.1</tag>
<tag state="vulnerable">v1.1.2</tag>
+ <change
state="vulnerable">9da7b11bcd3e9732dd881a9e6158a0c98bafd9fe</change>
<tag state="fixed">v1.1.3</tag>
<change
state="fixed">484cc3217b73b865f00bf42a9c12187b37200699</change>
</branch>
diff --git a/notices/2014/0001.xml b/notices/2014/0001.xml
index dc93468..537d9f4 100644
--- a/notices/2014/0001.xml
+++ b/notices/2014/0001.xml
@@ -108,6 +108,14 @@ file]]>
<change
state="vulnerable">f4324e32927580e3620f0de3a0ec80334936e263</change>
<change
state="fixed">35ed9796981cf7b939f28b60ca828824a0488a3a</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">f4324e32927580e3620f0de3a0ec80334936e263</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">f4324e32927580e3620f0de3a0ec80334936e263</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">f4324e32927580e3620f0de3a0ec80334936e263</change>
diff --git a/notices/2014/0003.xml b/notices/2014/0003.xml
index 69e60c9..d99a612 100644
--- a/notices/2014/0003.xml
+++ b/notices/2014/0003.xml
@@ -82,6 +82,42 @@ be revoked]]>
<repository>libvirt.git</repository>
<branch>
<name>master</name>
+ <tag state="vulnerable">v0.0.5</tag>
+ <tag state="vulnerable">v0.1.0</tag>
+ <tag state="vulnerable">v0.1.1</tag>
+ <tag state="vulnerable">v0.1.3</tag>
+ <tag state="vulnerable">v0.1.4</tag>
+ <tag state="vulnerable">v0.1.6</tag>
+ <tag state="vulnerable">v0.1.7</tag>
+ <tag state="vulnerable">v0.1.8</tag>
+ <tag state="vulnerable">v0.1.9</tag>
+ <tag state="vulnerable">v0.1.10</tag>
+ <tag state="vulnerable">v0.1.11</tag>
+ <tag state="vulnerable">v0.2.0</tag>
+ <tag state="vulnerable">v0.2.1</tag>
+ <tag state="vulnerable">v0.2.2</tag>
+ <tag state="vulnerable">v0.2.3</tag>
+ <tag state="vulnerable">v0.3.0</tag>
+ <tag state="vulnerable">v0.3.1</tag>
+ <tag state="vulnerable">v0.3.2</tag>
+ <tag state="vulnerable">v0.3.3</tag>
+ <tag state="vulnerable">v0.4.1</tag>
+ <tag state="vulnerable">v0.4.2</tag>
+ <tag state="vulnerable">v0.4.4</tag>
+ <tag state="vulnerable">v0.4.6</tag>
+ <tag state="vulnerable">v0.5.0</tag>
+ <tag state="vulnerable">v0.5.1</tag>
+ <tag state="vulnerable">v0.6.0</tag>
+ <tag state="vulnerable">v0.6.1</tag>
+ <tag state="vulnerable">v0.6.2</tag>
+ <tag state="vulnerable">v0.6.3</tag>
+ <tag state="vulnerable">v0.6.4</tag>
+ <tag state="vulnerable">v0.6.5</tag>
+ <tag state="vulnerable">v0.7.0</tag>
+ <tag state="vulnerable">v0.7.1</tag>
+ <tag state="vulnerable">v0.7.2</tag>
+ <tag state="vulnerable">v0.7.3</tag>
+ <tag state="vulnerable">v0.7.4</tag>
<tag state="vulnerable">v0.7.5</tag>
<tag state="vulnerable">v0.7.6</tag>
<tag state="vulnerable">v0.7.7</tag>
@@ -108,6 +144,9 @@ be revoked]]>
<tag state="vulnerable">v0.9.11</tag>
<tag state="vulnerable">v0.9.12</tag>
<tag state="vulnerable">v0.9.13</tag>
+ <tag state="vulnerable">v0.10.0</tag>
+ <tag state="vulnerable">v0.10.1</tag>
+ <tag state="vulnerable">v0.10.2</tag>
<tag state="vulnerable">v1.0.0</tag>
<tag state="vulnerable">v1.0.1</tag>
<tag state="vulnerable">v1.0.2</tag>
@@ -129,25 +168,30 @@ be revoked]]>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
<change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
- <change
state="fixed">d6b27d3e4c40946efa79e91d134616b41b1666c4</change>
<tag state="fixed">v1.2.5</tag>
+ <change
state="fixed">d6b27d3e4c40946efa79e91d134616b41b1666c4</change>
</branch>
<branch>
- <name>v0.9.6-maint</name>
+ <name>v0.8.3-maint</name>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
+ </branch>
+ <branch>
+ <name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
<tag state="vulnerable">v0.9.6.2</tag>
<tag state="vulnerable">v0.9.6.3</tag>
<tag state="vulnerable">v0.9.6.4</tag>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">be7a5de9d0c406f36efae3230e1743c613ad6945</change>
</branch>
<branch>
<name>v0.9.11-maint</name>
- <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
- <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
- <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
<tag state="vulnerable">v0.9.11.1</tag>
<tag state="vulnerable">v0.9.11.2</tag>
<tag state="vulnerable">v0.9.11.3</tag>
@@ -158,22 +202,24 @@ be revoked]]>
<tag state="vulnerable">v0.9.11.8</tag>
<tag state="vulnerable">v0.9.11.9</tag>
<tag state="vulnerable">v0.9.11.10</tag>
- </branch>
- <branch>
- <name>v0.9.12-maint</name>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
+ </branch>
+ <branch>
+ <name>v0.9.12-maint</name>
<tag state="vulnerable">v0.9.12.1</tag>
<tag state="vulnerable">v0.9.12.2</tag>
<tag state="vulnerable">v0.9.12.3</tag>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">022b34cee73f86b01724b5279cf626df9cca245f</change>
</branch>
<branch>
<name>v0.10.2-maint</name>
- <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
- <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
- <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
<tag state="vulnerable">v0.10.2.1</tag>
<tag state="vulnerable">v0.10.2.2</tag>
<tag state="vulnerable">v0.10.2.3</tag>
@@ -182,13 +228,32 @@ be revoked]]>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
<tag state="vulnerable">v0.10.2.8</tag>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">16d55b311ad5c3c2e61494b848b1c6ee36897476</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">66de726e2175333bc9e0153f9ffc5f2025b199de</change>
</branch>
<branch>
@@ -196,6 +261,7 @@ be revoked]]>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">16fc426a27d88bbdc96c307c7ef0cce25e8ae717</change>
</branch>
<branch>
@@ -203,13 +269,11 @@ be revoked]]>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">040df62ae7fcbbead96c2f2191651daf35686986</change>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
- <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
- <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -219,6 +283,10 @@ be revoked]]>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
<tag state="vulnerable">v1.0.5.9</tag>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">4410a83e18c1b41f1f5d3f10a0b648fc9304bc35</change>
</branch>
<branch>
@@ -226,6 +294,7 @@ be revoked]]>
<change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
<change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
<change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<change
state="fixed">89538f57f4c2401d7c555299f15de17c539981c2</change>
</branch>
<branch>
@@ -254,17 +323,17 @@ be revoked]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
- <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
- <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
- <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
<tag state="vulnerable">v1.1.3.4</tag>
<tag state="vulnerable">v1.1.3.5</tag>
- <change
state="fixed">46de45d079ae2622660fe147cf237ee617cc461c</change>
+ <change
state="vulnerable">77e8b6c62c48b6346bbdb2df3e0d925852c6bf3e</change>
+ <change
state="vulnerable">387941fb626d9362835aa216b4a871e18268f649</change>
+ <change
state="vulnerable">0b7d2ae653f583825f6d83bfb0744673648a9833</change>
+ <change
state="vulnerable">ed3bac713c3cfc055ef551cbfe92a061084382c3</change>
<tag state="fixed">v1.1.3.6</tag>
+ <change
state="fixed">46de45d079ae2622660fe147cf237ee617cc461c</change>
</branch>
<branch>
<name>v1.1.4-maint</name>
diff --git a/notices/2014/0004.xml b/notices/2014/0004.xml
index b98173b..0268495 100644
--- a/notices/2014/0004.xml
+++ b/notices/2014/0004.xml
@@ -61,6 +61,9 @@ although such a crash is no longer a security problem.]]>
<tag state="vulnerable">v0.9.11</tag>
<tag state="vulnerable">v0.9.12</tag>
<tag state="vulnerable">v0.9.13</tag>
+ <tag state="vulnerable">v0.10.0</tag>
+ <tag state="vulnerable">v0.10.1</tag>
+ <tag state="vulnerable">v0.10.2</tag>
<tag state="vulnerable">v1.0.0</tag>
<tag state="vulnerable">v1.0.1</tag>
<tag state="vulnerable">v1.0.2</tag>
@@ -83,12 +86,11 @@ although such a crash is no longer a security problem.]]>
<tag state="vulnerable">v1.2.7</tag>
<tag state="vulnerable">v1.2.8</tag>
<change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
- <change
state="fixed">3e745e8f775dfe6f64f18b5c2fe4791b35d3546b</change>
<tag state="fixed">v1.2.9</tag>
+ <change
state="fixed">3e745e8f775dfe6f64f18b5c2fe4791b35d3546b</change>
</branch>
<branch>
<name>v0.9.11-maint</name>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v0.9.11.1</tag>
<tag state="vulnerable">v0.9.11.2</tag>
<tag state="vulnerable">v0.9.11.3</tag>
@@ -99,18 +101,18 @@ although such a crash is no longer a security problem.]]>
<tag state="vulnerable">v0.9.11.8</tag>
<tag state="vulnerable">v0.9.11.9</tag>
<tag state="vulnerable">v0.9.11.10</tag>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
</branch>
<branch>
<name>v0.9.12-maint</name>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v0.9.12.1</tag>
<tag state="vulnerable">v0.9.12.2</tag>
<tag state="vulnerable">v0.9.12.3</tag>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<change
state="fixed">750280023cc0896b05f86e292857ceef5eee3a72</change>
</branch>
<branch>
<name>v0.10.2-maint</name>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v0.10.2.1</tag>
<tag state="vulnerable">v0.10.2.2</tag>
<tag state="vulnerable">v0.10.2.3</tag>
@@ -119,8 +121,17 @@ although such a crash is no longer a security problem.]]>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
<tag state="vulnerable">v0.10.2.8</tag>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<change
state="fixed">0fa54204f264e3d39387f5762f810d31cce770b2</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
@@ -138,7 +149,6 @@ although such a crash is no longer a security problem.]]>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -148,6 +158,7 @@ although such a crash is no longer a security problem.]]>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
<tag state="vulnerable">v1.0.5.9</tag>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<change
state="fixed">cc05c6d5d2f7a577a1a365fbc5451fb6b5f57445</change>
</branch>
<branch>
@@ -172,15 +183,15 @@ although such a crash is no longer a security problem.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
<tag state="vulnerable">v1.1.3.4</tag>
<tag state="vulnerable">v1.1.3.5</tag>
<tag state="vulnerable">v1.1.3.6</tag>
- <change
state="fixed">eefe2e013820a76dfe5132431db72aade911eeab</change>
+ <change
state="vulnerable">eca96694a7f992be633d48d5ca03cedc9bbc3c9a</change>
<tag state="fixed">v1.1.3.7</tag>
+ <change
state="fixed">eefe2e013820a76dfe5132431db72aade911eeab</change>
</branch>
<branch>
<name>v1.1.4-maint</name>
diff --git a/notices/2014/0005.xml b/notices/2014/0005.xml
index 59d7d85..5f56c53 100644
--- a/notices/2014/0005.xml
+++ b/notices/2014/0005.xml
@@ -56,6 +56,9 @@ problem.]]>
<branch>
<name>master</name>
<tag state="vulnerable">v0.9.13</tag>
+ <tag state="vulnerable">v0.10.0</tag>
+ <tag state="vulnerable">v0.10.1</tag>
+ <tag state="vulnerable">v0.10.2</tag>
<tag state="vulnerable">v1.0.0</tag>
<tag state="vulnerable">v1.0.1</tag>
<tag state="vulnerable">v1.0.2</tag>
@@ -78,12 +81,11 @@ problem.]]>
<tag state="vulnerable">v1.2.7</tag>
<tag state="vulnerable">v1.2.8</tag>
<change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
- <change
state="fixed">fc22b2e74890873848b43fffae43025d22053669</change>
<tag state="fixed">v1.2.9</tag>
+ <change
state="fixed">fc22b2e74890873848b43fffae43025d22053669</change>
</branch>
<branch>
<name>v0.10.2-maint</name>
- <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<tag state="vulnerable">v0.10.2.1</tag>
<tag state="vulnerable">v0.10.2.2</tag>
<tag state="vulnerable">v0.10.2.3</tag>
@@ -92,8 +94,17 @@ problem.]]>
<tag state="vulnerable">v0.10.2.6</tag>
<tag state="vulnerable">v0.10.2.7</tag>
<tag state="vulnerable">v0.10.2.8</tag>
+ <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<change
state="fixed">a397e887ed40898cc177e118dffdea8e1f4c6184</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
+ </branch>
<branch>
<name>v1.0.2-maint</name>
<change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
@@ -111,7 +122,6 @@ problem.]]>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -121,6 +131,7 @@ problem.]]>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
<tag state="vulnerable">v1.0.5.9</tag>
+ <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<change
state="fixed">f18b86e35f25eacbe1c68cd32caea0310e9d220c</change>
</branch>
<branch>
@@ -145,15 +156,15 @@ problem.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
<tag state="vulnerable">v1.1.3.4</tag>
<tag state="vulnerable">v1.1.3.5</tag>
<tag state="vulnerable">v1.1.3.6</tag>
- <change
state="fixed">0b13d34e89405b6017a935d3c19d6a80ce7f3c6b</change>
+ <change
state="vulnerable">2c6808044408fba9ff9547ad88bb8a0f44ee21a0</change>
<tag state="fixed">v1.1.3.7</tag>
+ <change
state="fixed">0b13d34e89405b6017a935d3c19d6a80ce7f3c6b</change>
</branch>
<branch>
<name>v1.1.4-maint</name>
diff --git a/notices/2014/0006.xml b/notices/2014/0006.xml
index 5390fa6..78a1438 100644
--- a/notices/2014/0006.xml
+++ b/notices/2014/0006.xml
@@ -115,9 +115,19 @@ virDomainBlockCopy API is immune to the problem.]]>
<tag state="vulnerable">v1.2.5</tag>
<change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
<change
state="vulnerable">ff5f30b6bfa317f2a4c33f69289baf4e887eb048</change>
+ <tag state="fixed">v1.2.6</tag>
<change
state="fixed">02b364e186d487f54ed410c01af042f23e812d42</change>
<change
state="fixed">42619ed05d7924978f3e6e2399522fc6f30607de</change>
- <tag state="fixed">v1.2.6</tag>
+ </branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
+ <change
state="vulnerable">ff5f30b6bfa317f2a4c33f69289baf4e887eb048</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
+ <change
state="vulnerable">ff5f30b6bfa317f2a4c33f69289baf4e887eb048</change>
</branch>
<branch>
<name>v1.0.2-maint</name>
@@ -142,8 +152,6 @@ virDomainBlockCopy API is immune to the problem.]]>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
- <change
state="vulnerable">0135324b9fc0f4b803fcd1464c83ce458ca1b1e0</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -153,6 +161,8 @@ virDomainBlockCopy API is immune to the problem.]]>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
<tag state="vulnerable">v1.0.5.9</tag>
+ <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
+ <change
state="vulnerable">0135324b9fc0f4b803fcd1464c83ce458ca1b1e0</change>
<change
state="fixed">39b5123dc0f08955b68d91a14bdc577ffd1a9558</change>
<change
state="fixed">17df6a9b3997117b43f6caa56b43c54d1841d93c</change>
</branch>
@@ -186,16 +196,16 @@ virDomainBlockCopy API is immune to the problem.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
- <change
state="vulnerable">0c4822c17b6cdcce812fb9201f19d30232b3812d</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
<tag state="vulnerable">v1.1.3.4</tag>
<tag state="vulnerable">v1.1.3.5</tag>
+ <change
state="vulnerable">35c7701c64508f975dfeb8379c56b4b6d0d9b71c</change>
+ <change
state="vulnerable">0c4822c17b6cdcce812fb9201f19d30232b3812d</change>
+ <tag state="fixed">v1.1.3.6</tag>
<change
state="fixed">ea1d4666d885ec68480f22a65d1a275a293484cd</change>
<change
state="fixed">e7ee7542bb9d66539a0ec8d4a1e72efdfb8ccebe</change>
- <tag state="fixed">v1.1.3.6</tag>
</branch>
<branch>
<name>v1.1.4-maint</name>
diff --git a/notices/2014/0007.xml b/notices/2014/0007.xml
index 4621913..8e7c75c 100644
--- a/notices/2014/0007.xml
+++ b/notices/2014/0007.xml
@@ -84,8 +84,16 @@ ACL privilege without also having the 'read_secure'
privilege.]]>
<tag state="vulnerable">v1.2.9</tag>
<tag state="vulnerable">v1.2.10</tag>
<change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
- <change
state="fixed">b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b</change>
<tag state="fixed">v1.2.11</tag>
+ <change
state="fixed">b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b</change>
+ </branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
</branch>
<branch>
<name>v1.0.2-maint</name>
@@ -104,7 +112,6 @@ ACL privilege without also having the 'read_secure'
privilege.]]>
</branch>
<branch>
<name>v1.0.5-maint</name>
- <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
<tag state="vulnerable">v1.0.5.1</tag>
<tag state="vulnerable">v1.0.5.2</tag>
<tag state="vulnerable">v1.0.5.3</tag>
@@ -114,6 +121,7 @@ ACL privilege without also having the 'read_secure'
privilege.]]>
<tag state="vulnerable">v1.0.5.7</tag>
<tag state="vulnerable">v1.0.5.8</tag>
<tag state="vulnerable">v1.0.5.9</tag>
+ <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
<change
state="fixed">107f1ff20edc805433cade910a00328158b1c231</change>
</branch>
<branch>
@@ -138,15 +146,15 @@ ACL privilege without also having the 'read_secure'
privilege.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
<tag state="vulnerable">v1.1.3.4</tag>
<tag state="vulnerable">v1.1.3.5</tag>
<tag state="vulnerable">v1.1.3.6</tag>
- <change
state="fixed">bdbcf66ae72f82d45faa889a1208444f83f5756b</change>
+ <change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
<tag state="fixed">v1.1.3.7</tag>
+ <change
state="fixed">bdbcf66ae72f82d45faa889a1208444f83f5756b</change>
</branch>
<branch>
<name>v1.1.4-maint</name>
@@ -201,8 +209,8 @@ ACL privilege without also having the 'read_secure'
privilege.]]>
<branch>
<name>v1.2.9-maint</name>
<change
state="vulnerable">28f8dfdcccd4c0f69063ef741545b37d8a7f7935</change>
- <change
state="fixed">744ddb15e0feaf2d6603a88dc8ffc3a7eb0a452d</change>
<tag state="fixed">v1.2.9.1</tag>
+ <change
state="fixed">744ddb15e0feaf2d6603a88dc8ffc3a7eb0a452d</change>
</branch>
<branch>
<name>v1.2.10-maint</name>
diff --git a/notices/2014/0008.xml b/notices/2014/0008.xml
index 8ec3c3d..8fd0d9e 100644
--- a/notices/2014/0008.xml
+++ b/notices/2014/0008.xml
@@ -58,20 +58,22 @@ an authorized client can see.]]>
<tag state="vulnerable">v1.2.10</tag>
<change
state="vulnerable">d1bde8eda3b4027b38c7c1d5942a6388b0458803</change>
<change
state="vulnerable">1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685</change>
+ <tag state="fixed">v1.2.11</tag>
<change
state="fixed">57023c0a3af4af1c547189c1f6712ed5edeb0c0b</change>
<change
state="fixed">cb104ef734dfea12cb8826dba7e2c98912c4b7e1</change>
- <tag state="fixed">v1.2.11</tag>
</branch>
<branch>
<name>v1.2.8-maint</name>
<change
state="vulnerable">d1bde8eda3b4027b38c7c1d5942a6388b0458803</change>
+ <change
state="vulnerable">1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685</change>
<change
state="fixed">27431ec96e617f186bd3f5900aeb7d622770533a</change>
</branch>
<branch>
<name>v1.2.9-maint</name>
+ <tag state="vulnerable">v1.2.9.1</tag>
<change
state="vulnerable">d1bde8eda3b4027b38c7c1d5942a6388b0458803</change>
<change
state="vulnerable">1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685</change>
- <tag state="vulnerable">v1.2.9.1</tag>
+ <tag state="fixed">v1.2.9.2</tag>
<change
state="fixed">5d8bee6d57cddf462912ad2fc544c8a57b1c2841</change>
<change
state="fixed">dfbdea7ea8fa36d9f27942c5b2882acfd86a3c3b</change>
</branch>
diff --git a/notices/2014/0009.xml b/notices/2014/0009.xml
index 6a9be93..e9c9c66 100644
--- a/notices/2014/0009.xml
+++ b/notices/2014/0009.xml
@@ -54,8 +54,8 @@ crash is no longer a security attack.]]>
<tag state="vulnerable">v1.2.9</tag>
<tag state="vulnerable">v1.2.10</tag>
<change
state="vulnerable">4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7</change>
- <change
state="fixed">87b9437f8951f9d24f9a85c6bbfff0e54df8c984</change>
<tag state="fixed">v1.2.11</tag>
+ <change
state="fixed">87b9437f8951f9d24f9a85c6bbfff0e54df8c984</change>
</branch>
<branch>
<name>v1.2.8-maint</name>
@@ -64,8 +64,9 @@ crash is no longer a security attack.]]>
</branch>
<branch>
<name>v1.2.9-maint</name>
- <change
state="vulnerable">4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7</change>
<tag state="vulnerable">v1.2.9.1</tag>
+ <change
state="vulnerable">4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7</change>
+ <tag state="fixed">v1.2.9.2</tag>
<change
state="fixed">584e876ba2057b472074dbf177d2397392d70363</change>
</branch>
<branch>
diff --git a/notices/2014/0010.xml b/notices/2014/0010.xml
index f22a0a0..653c61c 100644
--- a/notices/2014/0010.xml
+++ b/notices/2014/0010.xml
@@ -77,8 +77,8 @@ fine-grained access control mechanism.]]>
<tag state="vulnerable">v1.2.9</tag>
<tag state="vulnerable">v1.2.10</tag>
<change
state="vulnerable">abf75aea247ef6e432e5a51bcdb21972e50a4cd1</change>
- <change
state="fixed">2bdcd29c713dfedd813c89f56ae98f6f3898313d</change>
<tag state="fixed">v1.2.11</tag>
+ <change
state="fixed">2bdcd29c713dfedd813c89f56ae98f6f3898313d</change>
</branch>
<branch>
<name>v1.1.0-maint</name>
@@ -97,7 +97,6 @@ fine-grained access control mechanism.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">abf75aea247ef6e432e5a51bcdb21972e50a4cd1</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
@@ -106,6 +105,8 @@ fine-grained access control mechanism.]]>
<tag state="vulnerable">v1.1.3.6</tag>
<tag state="vulnerable">v1.1.3.7</tag>
<tag state="vulnerable">v1.1.3.8</tag>
+ <change
state="vulnerable">abf75aea247ef6e432e5a51bcdb21972e50a4cd1</change>
+ <tag state="fixed">v1.1.3.9</tag>
<change
state="fixed">63934cae465f757c774db1fa4e86d3c8bda4591b</change>
</branch>
<branch>
@@ -160,8 +161,9 @@ fine-grained access control mechanism.]]>
</branch>
<branch>
<name>v1.2.9-maint</name>
- <change
state="vulnerable">abf75aea247ef6e432e5a51bcdb21972e50a4cd1</change>
<tag state="vulnerable">v1.2.9.1</tag>
+ <change
state="vulnerable">abf75aea247ef6e432e5a51bcdb21972e50a4cd1</change>
+ <tag state="fixed">v1.2.9.2</tag>
<change
state="fixed">12496319a24dd923c5f321c84112fd0e73979413</change>
</branch>
<branch>
diff --git a/notices/2015/0001.xml b/notices/2015/0001.xml
index 1d0fc84..beff54f 100644
--- a/notices/2015/0001.xml
+++ b/notices/2015/0001.xml
@@ -82,9 +82,9 @@ privileged user making use of that feature.]]>
<tag state="vulnerable">v1.2.10</tag>
<tag state="vulnerable">v1.2.11</tag>
<change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
- <change
state="fixed">03c3c0c874c84dfa51ef17556062b095c6e1c0a3</change>
- <change
state="fixed">b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b</change>
<tag state="fixed">v1.2.12</tag>
+ <change
state="fixed">03c3c0c874c84dfa51ef17556062b095c6e1c0a3</change>
+ <change
state="fixed">b347c0c2a321ec5c20aae214927949832a288c5a</change>
</branch>
<branch>
<name>v1.1.0-maint</name>
@@ -106,7 +106,6 @@ privileged user making use of that feature.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
@@ -115,6 +114,8 @@ privileged user making use of that feature.]]>
<tag state="vulnerable">v1.1.3.6</tag>
<tag state="vulnerable">v1.1.3.7</tag>
<tag state="vulnerable">v1.1.3.8</tag>
+ <change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
+ <tag state="fixed">v1.1.3.9</tag>
<change
state="fixed">ca840e9c827fefadae2e00875b4a552b990b959f</change>
<change
state="fixed">76d6cc3f24ab545694e77e2eafa981d861b965a4</change>
</branch>
@@ -180,8 +181,9 @@ privileged user making use of that feature.]]>
</branch>
<branch>
<name>v1.2.9-maint</name>
- <change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
<tag state="vulnerable">v1.2.9.1</tag>
+ <change
state="vulnerable">e341435e5090677c67a0d3d4ca0393102054841f</change>
+ <tag state="fixed">v1.2.9.2</tag>
<change
state="fixed">19f8fec02d9b0a8de877d872c5b59597bd878a8d</change>
<change
state="fixed">295f3c88ce71b8e83a489cb0d48431e124c12081</change>
</branch>
diff --git a/notices/2015/0002.xml b/notices/2015/0002.xml
index 19e72c8..aba493c 100644
--- a/notices/2015/0002.xml
+++ b/notices/2015/0002.xml
@@ -74,8 +74,8 @@ out-of-memory condition would cause adverse behavior.]]>
<tag state="vulnerable">v1.2.12</tag>
<tag state="vulnerable">v1.2.13</tag>
<change
state="vulnerable">4f25146bf4335cb2b1b31c07dab39e26458bdf61</change>
- <change
state="fixed">3c2ff5029b83c9b33be0f1607a3c61f4f5850612</change>
<tag state="fixed">v1.2.14</tag>
+ <change
state="fixed">3c2ff5029b83c9b33be0f1607a3c61f4f5850612</change>
</branch>
<branch>
<name>v1.2.8-maint</name>
@@ -84,9 +84,10 @@ out-of-memory condition would cause adverse behavior.]]>
</branch>
<branch>
<name>v1.2.9-maint</name>
- <change
state="vulnerable">4f25146bf4335cb2b1b31c07dab39e26458bdf61</change>
<tag state="vulnerable">v1.2.9.1</tag>
<tag state="vulnerable">v1.2.9.2</tag>
+ <change
state="vulnerable">4f25146bf4335cb2b1b31c07dab39e26458bdf61</change>
+ <tag state="fixed">v1.2.9.3</tag>
<change
state="fixed">b9dacdd4d992ba1e5aab2e0189cf64b36a1a7e13</change>
</branch>
<branch>
@@ -107,6 +108,7 @@ out-of-memory condition would cause adverse behavior.]]>
<branch>
<name>v1.2.13-maint</name>
<change
state="vulnerable">4f25146bf4335cb2b1b31c07dab39e26458bdf61</change>
+ <tag state="fixed">v1.2.13.1</tag>
<change
state="fixed">117f60ca53eb36aa7751573ac274850bd96a4799</change>
</branch>
</product>
diff --git a/notices/2015/0003.xml b/notices/2015/0003.xml
index d8aa3e1..e0a6e4d 100644
--- a/notices/2015/0003.xml
+++ b/notices/2015/0003.xml
@@ -76,6 +76,7 @@ user creating a volume and a user with full system access).]]>
<tag state="vulnerable">v1.2.19</tag>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
<change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
+ <tag state="fixed">v1.2.20</tag>
<change
state="fixed">db9277a39bc364806e8d3e08a08fc128d59b7094</change>
<change
state="fixed">691dd388aee99f8b06177540303b690586d5f5b3</change>
<change
state="fixed">35847860f65f92e444db9730e00cdaef45198e0c</change>
@@ -83,12 +84,16 @@ user creating a volume and a user with full system access).]]>
<branch>
<name>v1.2.14-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
+ <change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
<change
state="fixed">605b12068392d29beb44a8ab7d6ec176d6b05237</change>
<change
state="fixed">454cb7c40dbcff84192094963d71369ac7d94546</change>
</branch>
<branch>
<name>v1.2.15-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
+ <change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
+ <change
state="fixed">3c41b3ea5e68f391b8ff901082608bda5f7f3fbc</change>
+ <change
state="fixed">fe2cf73800e3be87d1d4d811facb3f2be48126e5</change>
<change
state="fixed">3c41b3ea5e68f391b8ff901082608bda5f7f3fbc</change>
<change
state="fixed">fe2cf73800e3be87d1d4d811facb3f2be48126e5</change>
</branch>
@@ -96,32 +101,33 @@ user creating a volume and a user with full system access).]]>
<name>v1.2.16-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
<change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
- <change
state="fixed">9e48400f4606bac16b7e4db195f610928c3d5a04</change>
<change
state="fixed">2f4b41861c1729ff4b754986782d7428ccdca455</change>
+ <change
state="fixed">9e48400f4606bac16b7e4db195f610928c3d5a04</change>
<change
state="fixed">7f0505705c70f7eb1e435a2e7732d1a74abfadfd</change>
</branch>
<branch>
<name>v1.2.17-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
<change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
- <change
state="fixed">d055989083df4bf68eb1388d327ebffb3501bb83</change>
<change
state="fixed">98242f94cd181f0257535479369054f07f951b21</change>
+ <change
state="fixed">d055989083df4bf68eb1388d327ebffb3501bb83</change>
<change
state="fixed">a3ee6885d95a2ce6fb7e58bb0737cfb1612e0fb7</change>
</branch>
<branch>
<name>v1.2.18-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
<change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
- <change
state="fixed">e63b32e22dafd99547f82f5383fdbf58b5f651a1</change>
+ <tag state="fixed">v1.2.18.1</tag>
<change
state="fixed">075eb526c9817d9d8e3a759e3fbe180d8d326dcf</change>
+ <change
state="fixed">e63b32e22dafd99547f82f5383fdbf58b5f651a1</change>
<change
state="fixed">966cc922221be2b8cc6a9842ed0dc4cf1568a7b3</change>
</branch>
<branch>
<name>v1.2.19-maint</name>
<change
state="vulnerable">155ca616eb231181f6978efc9e3a1eb0eb60af8a</change>
<change
state="vulnerable">7c2d65dde2595c07d56aad1e043f7b1836592d89</change>
- <change
state="fixed">e0025d2967bbe3f283937216c9e2c12b6e9d1010</change>
<change
state="fixed">8b1d84e640f1a6e6ebb47caf23a664e2f651b32d</change>
+ <change
state="fixed">e0025d2967bbe3f283937216c9e2c12b6e9d1010</change>
<change
state="fixed">3468542f06f6f5dc94defa1603c6a6adea3e2da8</change>
</branch>
</product>
diff --git a/notices/2015/0004.xml b/notices/2015/0004.xml
index 4838f39..8d65e67 100644
--- a/notices/2015/0004.xml
+++ b/notices/2015/0004.xml
@@ -97,9 +97,10 @@ access to libvirtd.]]>
<tag state="vulnerable">v1.2.18</tag>
<tag state="vulnerable">v1.2.19</tag>
<tag state="vulnerable">v1.2.20</tag>
- <tag state="vulnerable">v1.2.20</tag>
+ <tag state="vulnerable">v1.2.21</tag>
<tag state="vulnerable">v1.3.0</tag>
<change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
+ <tag state="fixed">v1.3.1</tag>
<change
state="fixed">034e47c338b13a95cf02106a3af912c1c5f818d7</change>
</branch>
<branch>
@@ -119,7 +120,6 @@ access to libvirtd.]]>
</branch>
<branch>
<name>v1.1.3-maint</name>
- <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<tag state="vulnerable">v1.1.3.1</tag>
<tag state="vulnerable">v1.1.3.2</tag>
<tag state="vulnerable">v1.1.3.3</tag>
@@ -129,6 +129,7 @@ access to libvirtd.]]>
<tag state="vulnerable">v1.1.3.7</tag>
<tag state="vulnerable">v1.1.3.8</tag>
<tag state="vulnerable">v1.1.3.9</tag>
+ <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<change
state="fixed">dcce665904b8ebc9ac3e5109db179a567b33e1a2</change>
</branch>
<branch>
@@ -183,10 +184,10 @@ access to libvirtd.]]>
</branch>
<branch>
<name>v1.2.9-maint</name>
- <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<tag state="vulnerable">v1.2.9.1</tag>
<tag state="vulnerable">v1.2.9.2</tag>
<tag state="vulnerable">v1.2.9.3</tag>
+ <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<change
state="fixed">b0f88836e5eb5b7156bda99c005cf4aa0456ed0d</change>
</branch>
<branch>
@@ -206,8 +207,9 @@ access to libvirtd.]]>
</branch>
<branch>
<name>v1.2.13-maint</name>
- <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<tag state="vulnerable">v1.2.13.1</tag>
+ <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
+ <tag state="fixed">v1.2.13.2</tag>
<change
state="fixed">b553ec764f7ecdf8962efbf849a0e8524bae610c</change>
</branch>
<branch>
@@ -232,8 +234,9 @@ access to libvirtd.]]>
</branch>
<branch>
<name>v1.2.18-maint</name>
- <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
<tag state="vulnerable">v1.2.18.1</tag>
+ <change
state="vulnerable">c930410bebae0a45889b992a7932c663b06cbbcd</change>
+ <tag state="fixed">v1.2.18.2</tag>
<change
state="fixed">d035796675ca42795953828d11f902f691fa6b29</change>
</branch>
<branch>
diff --git a/notices/2016/0001.xml b/notices/2016/0001.xml
index ba28f18..e61eff9 100644
--- a/notices/2016/0001.xml
+++ b/notices/2016/0001.xml
@@ -119,8 +119,8 @@
<tag state="vulnerable">v1.3.4</tag>
<tag state="vulnerable">v1.3.5</tag>
<change
state="vulnerable">9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f</change>
- <change
state="fixed">bb848feec0f3f10e92dd8e5231ae7aa89b5598f3</change>
<tag state="fixed">v2.0.0</tag>
+ <change
state="fixed">bb848feec0f3f10e92dd8e5231ae7aa89b5598f3</change>
</branch>
<branch>
<name>v0.9.6-maint</name>
@@ -363,13 +363,11 @@
</branch>
<branch>
<name>v1.3.0-maint</name>
- <tag state="vulnerable">v1.3.3.1</tag>
<change
state="vulnerable">9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f</change>
<change
state="fixed">d49b1dfcb59af791f78cd699134cfe80bd6f13ab</change>
</branch>
<branch>
<name>v1.3.1-maint</name>
- <tag state="vulnerable">v1.3.3.1</tag>
<change
state="vulnerable">9d73efdbe3ea61a13a11fdc24a2cb530eaa0b66f</change>
<change
state="fixed">2d5370eba6b52f44cf832eba28f162c55331a47c</change>
</branch>
diff --git a/notices/2016/0002.xml b/notices/2016/0002.xml
index 2c73324..c201fc3 100644
--- a/notices/2016/0002.xml
+++ b/notices/2016/0002.xml
@@ -65,6 +65,7 @@ libvirtd socket]]>
<tag state="vulnerable">v1.2.21</tag>
<tag state="vulnerable">v1.3.0</tag>
<change
state="vulnerable">0abb36938027f3991f3ce5151b31cca9737a1287</change>
+ <tag state="fixed">v1.3.1</tag>
<change
state="fixed">506e9d6c2d4baaf580d489fff0690c0ff2ff588f</change>
</branch>
<branch>
diff --git a/notices/2017/0001.xml b/notices/2017/0001.xml
index f3bda3f..0c74ca0 100644
--- a/notices/2017/0001.xml
+++ b/notices/2017/0001.xml
@@ -44,10 +44,10 @@
<repository>libvirt.git</repository>
<branch>
<name>master</name>
- <change
state="vulnerable">c5f6151390ff0a8e65014172bb8c0a8d312c3353</change>
- <change
state="fixed">c3de387380f6057ee0e46cd9f2f0a092e8070875</change>
<tag state="vulnerable">v3.0.0</tag>
+ <change
state="vulnerable">c5f6151390ff0a8e65014172bb8c0a8d312c3353</change>
<tag state="fixed">v3.1.0</tag>
+ <change
state="fixed">c3de387380f6057ee0e46cd9f2f0a092e8070875</change>
</branch>
<branch>
<name>v3.0-maint</name>
diff --git a/notices/2017/0002.xml b/notices/2017/0002.xml
index 0672344..54832e8 100644
--- a/notices/2017/0002.xml
+++ b/notices/2017/0002.xml
@@ -57,8 +57,6 @@ certificates in QEMU servers. ]]>
<repository>libvirt.git</repository>
<branch>
<name>master</name>
- <change
state="vulnerable">ce61c16450d4992612d1fc6f39a39e79bfccead5</change>
- <change
state="fixed">441d3eb6d1be940a67ce45a286602a967601b157</change>
<tag state="vulnerable">v2.3.0</tag>
<tag state="vulnerable">v2.4.0</tag>
<tag state="vulnerable">v2.5.0</tag>
@@ -71,7 +69,9 @@ certificates in QEMU servers. ]]>
<tag state="vulnerable">v3.6.0</tag>
<tag state="vulnerable">v3.7.0</tag>
<tag state="vulnerable">v3.8.0</tag>
+ <change
state="vulnerable">ce61c16450d4992612d1fc6f39a39e79bfccead5</change>
<tag state="fixed">v3.9.0</tag>
+ <change
state="fixed">441d3eb6d1be940a67ce45a286602a967601b157</change>
</branch>
<branch>
<name>v3.0-maint</name>
@@ -80,8 +80,8 @@ certificates in QEMU servers. ]]>
</branch>
<branch>
<name>v3.2-maint</name>
- <change
state="vulnerable">ce61c16450d4992612d1fc6f39a39e79bfccead5</change>
<tag state="vulnerable">v3.2.1</tag>
+ <change
state="vulnerable">ce61c16450d4992612d1fc6f39a39e79bfccead5</change>
<change
state="fixed">9e6bc47bb541d8eea10cdd5704ea7f5e699bf0ba</change>
</branch>
<branch>
diff --git a/notices/2018/0001.xml b/notices/2018/0001.xml
index a72a1c0..807d1a7 100644
--- a/notices/2018/0001.xml
+++ b/notices/2018/0001.xml
@@ -151,9 +151,8 @@
<tag state="vulnerable">v3.8.0</tag>
<tag state="vulnerable">v3.9.0</tag>
<tag state="vulnerable">v3.10.0</tag>
- <tag state="vulnerable">v4.0.0</tag>
- <tag state="fixed">v4.1.0</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ <tag state="fixed">v4.0.0</tag>
<change
state="fixed">24d504396c3c05eff87d29173a224e2faaeb2637</change>
<change
state="fixed">b2042020c32b74069fa5365b5e966537aaba8cf6</change>
<change
state="fixed">7bb4ce9761dfbd1620ddffb26fbd6f0ff1fedf3f</change>
@@ -166,6 +165,10 @@
<change
state="fixed">6b7e7d1cc24a28a9f5ece8626f807189647d14b4</change>
<change
state="fixed">6d4a3cd42781babed7d29b061e220ebff24dd43e</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
@@ -207,6 +210,26 @@
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -220,6 +243,22 @@
<tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.1.3-maint</name>
<tag state="vulnerable">v1.1.3.1</tag>
@@ -233,6 +272,46 @@
<tag state="vulnerable">v1.1.3.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.1.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.8-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.9-maint</name>
<tag state="vulnerable">v1.2.9.1</tag>
@@ -240,12 +319,40 @@
<tag state="vulnerable">v1.2.9.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.10-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.11-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.12-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.13-maint</name>
<tag state="vulnerable">v1.2.13.1</tag>
<tag state="vulnerable">v1.2.13.2</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.14-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.15-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.16-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.17-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.18-maint</name>
<tag state="vulnerable">v1.2.18.1</tag>
@@ -254,6 +361,30 @@
<tag state="vulnerable">v1.2.18.4</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.19-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.20-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.21-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.3.3-maint</name>
<tag state="vulnerable">v1.3.3.1</tag>
@@ -261,16 +392,40 @@
<tag state="vulnerable">v1.3.3.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.3.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v2.2-maint</name>
<tag state="vulnerable">v2.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v3.2-maint</name>
<tag state="vulnerable">v3.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2018/0002.xml b/notices/2018/0002.xml
index 8b8e069..2187633 100644
--- a/notices/2018/0002.xml
+++ b/notices/2018/0002.xml
@@ -160,10 +160,14 @@
<tag state="vulnerable">v3.8.0</tag>
<tag state="vulnerable">v3.9.0</tag>
<tag state="vulnerable">v3.10.0</tag>
- <tag state="fixed">v4.0.0</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ <tag state="fixed">v4.0.0</tag>
<change
state="fixed">bc251ea91bcfddd2622fce6bce701a438b2e7276</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
@@ -205,6 +209,26 @@
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -218,6 +242,22 @@
<tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.1.3-maint</name>
<tag state="vulnerable">v1.1.3.1</tag>
@@ -231,6 +271,46 @@
<tag state="vulnerable">v1.1.3.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.1.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.8-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.9-maint</name>
<tag state="vulnerable">v1.2.9.1</tag>
@@ -238,12 +318,40 @@
<tag state="vulnerable">v1.2.9.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.10-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.11-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.12-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.13-maint</name>
<tag state="vulnerable">v1.2.13.1</tag>
<tag state="vulnerable">v1.2.13.2</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.14-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.15-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.16-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.17-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.18-maint</name>
<tag state="vulnerable">v1.2.18.1</tag>
@@ -252,6 +360,30 @@
<tag state="vulnerable">v1.2.18.4</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.19-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.20-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.21-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.3.3-maint</name>
<tag state="vulnerable">v1.3.3.1</tag>
@@ -259,16 +391,40 @@
<tag state="vulnerable">v1.3.3.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.3.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v2.2-maint</name>
<tag state="vulnerable">v2.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v3.2-maint</name>
<tag state="vulnerable">v3.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2018/0003.xml b/notices/2018/0003.xml
index 2c53626..4e64064 100644
--- a/notices/2018/0003.xml
+++ b/notices/2018/0003.xml
@@ -49,7 +49,6 @@
<product name="libvirt">
<repository>libvirt.git</repository>
-
<branch>
<name>master</name>
<tag state="vulnerable">v0.4.4</tag>
@@ -154,11 +153,15 @@
<tag state="vulnerable">v3.9.0</tag>
<tag state="vulnerable">v3.10.0</tag>
<tag state="vulnerable">v4.0.0</tag>
- <tag state="fixed">v4.1.0</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ <tag state="fixed">v4.1.0</tag>
<change
state="fixed">759b4d1b0fe5f4d84d98b99153dfa7ac289dd167</change>
<change
state="fixed">c2dc6698c88fb591639e542c8ecb0076c54f3dfb</change>
</branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v0.9.6-maint</name>
<tag state="vulnerable">v0.9.6.1</tag>
@@ -200,6 +203,26 @@
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -213,6 +236,22 @@
<tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.0.6-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.1.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.1.1-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.1.3-maint</name>
<tag state="vulnerable">v1.1.3.1</tag>
@@ -226,6 +265,46 @@
<tag state="vulnerable">v1.1.3.9</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.1.4-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.1-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.2-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.3-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.4-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.5-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.6-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.7-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.8-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.2.9-maint</name>
<tag state="vulnerable">v1.2.9.1</tag>
@@ -233,12 +312,40 @@
<tag state="vulnerable">v1.2.9.3</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.2.10-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.11-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.12-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.2.13-maint</name>
<tag state="vulnerable">v1.2.13.1</tag>
<tag state="vulnerable">v1.2.13.2</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.2.14-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.15-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.16-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.17-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.2.18-maint</name>
<tag state="vulnerable">v1.2.18.1</tag>
@@ -247,6 +354,30 @@
<tag state="vulnerable">v1.2.18.4</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.2.19-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.20-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.2.21-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.3.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.3.1-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.3.2-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v1.3.3-maint</name>
<tag state="vulnerable">v1.3.3.1</tag>
@@ -254,16 +385,42 @@
<tag state="vulnerable">v1.3.3.3</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v1.3.4-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v1.3.5-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v2.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
+ <branch>
+ <name>v2.1-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v2.2-maint</name>
<tag state="vulnerable">v2.2.1</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v3.0-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ </branch>
<branch>
<name>v3.2-maint</name>
<tag state="vulnerable">v3.2.1</tag>
<change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
</branch>
+ <branch>
+ <name>v3.7-maint</name>
+ <change
state="vulnerable">9ae41a71ac457994b7ca975e9eec7c3fc13ac101</change>
+ <change
state="fixed">3aadeae9709dae6593b5b26e8953b459c6764a6d</change>
+ <change
state="fixed">ee54b0bd7faa3e211346b367f64e502af6442e07</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2018/0004.xml b/notices/2018/0004.xml
index 06d7fd0..2a4f264 100644
--- a/notices/2018/0004.xml
+++ b/notices/2018/0004.xml
@@ -43,7 +43,6 @@
<product name="libvirt">
<repository>libvirt.git</repository>
-
<branch>
<name>master</name>
<tag state="vulnerable">v0.9.10</tag>
@@ -113,6 +112,7 @@
<tag state="vulnerable">v4.0.0</tag>
<tag state="vulnerable">v4.1.0</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ <tag state="fixed">v4.2.0</tag>
<change
state="fixed">fbf31e1a4cd19d6f6e33e0937a009775cd7d9513</change>
</branch>
<branch>
@@ -148,6 +148,26 @@
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -161,6 +181,22 @@
<tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.0.6-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.1.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.1.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.1.3-maint</name>
<tag state="vulnerable">v1.1.3.1</tag>
@@ -174,6 +210,46 @@
<tag state="vulnerable">v1.1.3.9</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.1.4-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.2-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.3-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.4-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.5-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.6-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.7-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.8-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.2.9-maint</name>
<tag state="vulnerable">v1.2.9.1</tag>
@@ -181,12 +257,40 @@
<tag state="vulnerable">v1.2.9.3</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.2.10-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.11-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.12-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.2.13-maint</name>
<tag state="vulnerable">v1.2.13.1</tag>
<tag state="vulnerable">v1.2.13.2</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.2.14-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.15-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.16-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.17-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.2.18-maint</name>
<tag state="vulnerable">v1.2.18.1</tag>
@@ -195,6 +299,30 @@
<tag state="vulnerable">v1.2.18.4</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.2.19-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.20-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.2.21-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.3.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.3.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.3.2-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v1.3.3-maint</name>
<tag state="vulnerable">v1.3.3.1</tag>
@@ -202,17 +330,44 @@
<tag state="vulnerable">v1.3.3.3</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v1.3.4-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v1.3.5-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v2.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v2.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v2.2-maint</name>
<tag state="vulnerable">v2.2.1</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
+ <branch>
+ <name>v3.0-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
<branch>
<name>v3.2-maint</name>
<tag state="vulnerable">v3.2.1</tag>
<change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
</branch>
-
+ <branch>
+ <name>v3.7-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
+ <branch>
+ <name>v4.1-maint</name>
+ <change
state="vulnerable">c160ce3316852a797d7b06b4ee101233866e69a9</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2018/0005.xml b/notices/2018/0005.xml
index 043ecf9..7f1550e 100644
--- a/notices/2018/0005.xml
+++ b/notices/2018/0005.xml
@@ -155,9 +155,13 @@
<tag state="vulnerable">v4.2.0</tag>
<tag state="vulnerable">v4.3.0</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ <tag state="fixed">v4.4.0</tag>
<change
state="fixed">1dbca2eccad58d91a5fd33962854f1a653638182</change>
<change
state="fixed">9267342206ce17f6933d57a3128cdc504d5945c9</change>
- <tag state="fixed">v4.4.0</tag>
+ </branch>
+ <branch>
+ <name>v0.8.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
<branch>
<name>v0.9.6-maint</name>
@@ -200,6 +204,26 @@
<tag state="vulnerable">v0.10.2.8</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.0.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.0.5-maint</name>
<tag state="vulnerable">v1.0.5.1</tag>
@@ -213,6 +237,22 @@
<tag state="vulnerable">v1.0.5.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.0.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.1.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.1.3-maint</name>
<tag state="vulnerable">v1.1.3.1</tag>
@@ -226,6 +266,46 @@
<tag state="vulnerable">v1.1.3.9</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.1.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.3-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.6-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.8-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.9-maint</name>
<tag state="vulnerable">v1.2.9.1</tag>
@@ -233,12 +313,40 @@
<tag state="vulnerable">v1.2.9.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.10-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.11-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.12-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.13-maint</name>
<tag state="vulnerable">v1.2.13.1</tag>
<tag state="vulnerable">v1.2.13.2</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.14-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.15-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.16-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.17-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.2.18-maint</name>
<tag state="vulnerable">v1.2.18.1</tag>
@@ -247,6 +355,30 @@
<tag state="vulnerable">v1.2.18.4</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.2.19-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.20-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.2.21-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.2-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v1.3.3-maint</name>
<tag state="vulnerable">v1.3.3.1</tag>
@@ -254,16 +386,44 @@
<tag state="vulnerable">v1.3.3.3</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v1.3.4-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v1.3.5-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v2.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v2.2-maint</name>
<tag state="vulnerable">v2.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.0-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
<branch>
<name>v3.2-maint</name>
<tag state="vulnerable">v3.2.1</tag>
<change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
</branch>
+ <branch>
+ <name>v3.7-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
+ <branch>
+ <name>v4.1-maint</name>
+ <change
state="vulnerable">23ad665cb05ef9ce7d298cc34bff5efb95ef6948</change>
+ </branch>
</product>
</security-notice>
diff --git a/notices/2019/0001.xml b/notices/2019/0001.xml
index 4d51b2b..9c58c0d 100644
--- a/notices/2019/0001.xml
+++ b/notices/2019/0001.xml
@@ -101,8 +101,8 @@ libvirtd socket]]>
<tag state="vulnerable">v5.0.0</tag>
<tag state="vulnerable">v5.1.0</tag>
<tag state="vulnerable">v5.2.0</tag>
- <tag state="fixed">v5.3.0</tag>
<change
state="vulnerable">0abb36938027f3991f3ce5151b31cca9737a1287</change>
+ <tag state="fixed">v5.3.0</tag>
<change
state="fixed">ae076bb40e0e150aef41361b64001138d04d6c60</change>
<change
state="fixed">2a07c990bd9143d7a0fe8d1b6b7c763c52185240</change>
</branch>
diff --git a/notices/2019/0002.xml b/notices/2019/0002.xml
index 4d8faf9..4867091 100644
--- a/notices/2019/0002.xml
+++ b/notices/2019/0002.xml
@@ -86,8 +86,8 @@ the QEMU guest agent in trusted guests]]>
<tag state="vulnerable">v4.8.0</tag>
<tag state="vulnerable">v4.9.0</tag>
<tag state="vulnerable">v4.10.0</tag>
- <tag state="fixed">v5.0.0</tag>
<change
state="vulnerable">0977b8aa071de550e1a013d35e2c72615e65d520</change>
+ <tag state="fixed">v5.0.0</tag>
<change
state="fixed">7cfd1fbb1332ae5df678b9f41a62156cb2e88c73</change>
</branch>
<branch>
--
2.21.0
7:09 p.m.
New subject: [libvirt] [security-notice PATCH 9/9] notices: re-generate all branch/tag info
On Mon, May 13, 2019 at 12:52:06PM +0100, Daniel P. Berrangé wrote:
Use the new script logic to regenerate all branch tag info for flaws
A few manual edits are still needed, as the script still doesn't cope
with two situations:
- The vulnerable commit from master was backported to an older
branch. We don't search older branches looking for cherry-picks
yet
- There are multiple vulnerable commits, and they were introduce
across multiple releases. This means some older branches only
contain a subset of the vulnerable commits. We don't check
which vulnerable commits are applicable to branches, instead
assuming all vulnerable commits arrived at the same time.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
notices/2008/0001.xml | 6 --
[...]
notices/2019/0002.xml | 2 +-
47 files changed, 1224 insertions(+), 189 deletions(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
5:59 p.m.
New subject: [libvirt] [security-notice PATCH 9/9] notices: re-generate all branch/tag info
On Fri, Jun 14, 2019 at 01:09:44PM +0200, Ján Tomko wrote:
On Mon, May 13, 2019 at 12:52:06PM +0100, Daniel P. Berrangé wrote:
> Use the new script logic to regenerate all branch tag info for flaws
>
> A few manual edits are still needed, as the script still doesn't cope
> with two situations:
>
> - The vulnerable commit from master was backported to an older
> branch. We don't search older branches looking for cherry-picks
> yet
> - There are multiple vulnerable commits, and they were introduce
> across multiple releases. This means some older branches only
> contain a subset of the vulnerable commits. We don't check
> which vulnerable commits are applicable to branches, instead
> assuming all vulnerable commits arrived at the same time.
>
> Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
> ---
> notices/2008/0001.xml | 6 --
[...]
> notices/2019/0002.xml | 2 +-
> 47 files changed, 1224 insertions(+), 189 deletions(-)
>
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Thanks for reviews, I'll push all this with tabs removed. There was also
pre-existing code using tabs that I'll fix.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
1947
days inactive
1984
days old
19 comments
2 participants
participants (2)
-
Daniel P. Berrangé -
Ján Tomko