Notified: June 19, 2019 Updated: June 20, 2019
Statement Date: June 20, 2019
You can find information about which packages(variants)a CVE affected and if(plus when)a package was fixed on our security tracker: https://security.archlinux.org/CVE-2019-11477 https://security.archlinux.org/CVE-2019-11478 https://security.archlinux.org/CVE-2019-11479 We have also published advisories to our distro specific mailinglists and on the security tracker which you will find below. The advisories contain workarounds that we recommended.
To summarize the fixed versions there: kernel:linux affected:5.1.10.arch1-1 fixed:5.1.11.arch1-1 advisory:https://security.archlinux.org/ASA-201906-13 kernel:linux-lts affected:4.19.51-1 fixed:4.19.52-1 advisory:https://security.archlinux.org/ASA-201906-14 kernel:linux-hardened affected:4.19.52-1 fixed:5.1.11.a-1 advisory:https://security.archlinux.org/ASA-201906-12 kernel:linux-zen affected:5.1.10.zen1-1 fixed:5.1.11.zen1-1 advisory:https://security.archlinux.org/ASA-201906-15