[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-API] [XCP] CVE-2012-0217 - PV privilege escalation and XCP 1.1
Thank you! This should save me time for advanced testing. On 15.06.2012 18:19, Mike McClurg wrote: On 13/06/12 17:06, George Shuklin wrote:Good day. Few days ago very serious issue has been published, allowing 64-bit PV-guest gain control over dom0. AFAIK this is fully affect XCP 1.1 Here more data http://permalink.gmane.org/gmane.comp.security.oss.general/7851 I found that http://support.citrix.com/article/CTX133176 is fixing that. Now, I have few questions: 1) Can I use xen and kernel rpms from that update to install them in XCP installation? 2) What is legal status of that operation? Can I just install xen and linux from XenServer to XCP? (I'm not talking about StrageLink or some closed components, only xen and linux)3) May I freely publish extracted rpms (this is very non-trivial operation)?I have added new xen-hypervisor RPMs to the dowloads.xen.org site for both XCP 1.0 [1] and XCP 1.1 [2]. By tomorrow we'll have updated ISOs for each, as well. Thanks to George for posting the repackaged XenServer rpms.To install the RPMs that I've uploaded, download them to your dom0 and install them with 'rpm -U'.Mike [1] http://downloads.xen.org/XCP/xcp-1.0-rpms/ [2] http://downloads.xen.org/XCP/xcp-1.1-rpms/ _______________________________________________ Xen-api mailing list Xen-api@xxxxxxxxxxxxx http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |