[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-API] [XCP] CVE-2012-0217 - PV privilege escalation and XCP 1.1

Right now I do initial testing in laboratory for those rpms, but their installation in XCP seems be very ugly. XenServer xen-hypervisor package simply conflicts with native xcp's and was installed with --force option.

And I kinda worry about how well it all will operates...

On 14.06.2012 06:48, Carlos Eduardo Tavares Terra wrote:
Good question...
I have the same doubt...

On Wed, Jun 13, 2012 at 1:06 PM, George Shuklin <george.shuklin@xxxxxxxxx> wrote:
Good day.

Few days ago very serious issue has been published, allowing 64-bit PV-guest gain control over dom0. AFAIK this is fully affect XCP 1.1

Here more data http://permalink.gmane.org/gmane.comp.security.oss.general/7851

I found that http://support.citrix.com/article/CTX133176 is fixing that.

Now, I have few questions:
1) Can I use xen and kernel rpms from that update to install them in XCP installation?
2) What is legal status of that operation? Can I just install xen and linux from XenServer to XCP? (I'm not talking about StrageLink or some closed components, only xen and linux)
3) May I freely publish extracted rpms (this is very non-trivial operation)?


Xen-api mailing list

Carlos Eduardo Tavares Terra
Red Hat Certified Engineer
Consultor em Infraestrutura de TI
GNU/Linux #413291 [http://counter.li.org]
Xen-api mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.