[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Xen 3.4.4 security fixes

To: xen-devel@xxxxxxxxxxxxx
From: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
Date: Mon, 27 Feb 2012 12:00:07 +0000
Delivery-date: Mon, 27 Feb 2012 12:00:56 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Everyone,

I note that Xen 3.4.4 has been released

http://blog.xen.org/index.php/2012/01/27/xen-3-4-4-update-release/

There is something that I am confused about though. In the release announcement, it mentions one of the features of the update being:

" Security enhancements including CVE-2011-1583"

However, the aforementioned CVE seems to only apply to other versions of Xen (3.4.x is missing in the list of venerable software)

While I'm obviously happy that the latest release is free of this bug, can someone please shed some light on how this bug was fixed in 3.4.4, when it wasn't supposed to be present in the first place in 3.4.3?

Also, what other security-related bugs have been fixed? It there a list somewhere?

I think it's great that there are members out there willing to maintain the 3.4.x branch. It's very stable. Good job folks!

Cheers

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] Xen 3.4.4 security fixes
  - From: Ian Campbell

Prev by Date: Re: [Xen-devel] [PATCH v4 1/3] libxc: introduce XC_SAVE_ID_TOOLSTACK
Next by Date: [Xen-devel] [PATCH DOCDAY] hcall: markup the event channel hypercalls to improve generated docs
Previous by thread: [Xen-devel] [PATCH 0 of 4 v4] blkif.h: Document protocol and existing extensions
Next by thread: Re: [Xen-devel] Xen 3.4.4 security fixes
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.