[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-API] [XCP] CVE-2012-0217 - PV privilege escalation and XCP 1.1

Good day.

Few days ago very serious issue has been published, allowing 64-bit PV-guest gain control over dom0. AFAIK this is fully affect XCP 1.1

Here more data http://permalink.gmane.org/gmane.comp.security.oss.general/7851

I found that http://support.citrix.com/article/CTX133176 is fixing that.

Now, I have few questions:
1) Can I use xen and kernel rpms from that update to install them in XCP installation? 2) What is legal status of that operation? Can I just install xen and linux from XenServer to XCP? (I'm not talking about StrageLink or some closed components, only xen and linux)
3) May I freely publish extracted rpms (this is very non-trivial operation)?


Xen-api mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.