[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen 3.4.4 security fixes

To: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
From: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
Date: Mon, 27 Feb 2012 12:08:58 +0000
Cc: "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Mon, 27 Feb 2012 12:09:27 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, 2012-02-27 at 12:00 +0000, Jonathan Tripathy wrote:
> " Security enhancements including CVE-2011-1583"
> 
> However, the aforementioned CVE seems to only apply to other versions
> of Xen (3.4.x is missing in the list of venerable software)
> 
> While I'm obviously happy that the latest release is free of this bug,
> can someone please shed some light on how this bug was fixed in 3.4.4,
> when it wasn't supposed to be present in the first place in 3.4.3?

Given that 3.3 and 4.0 were vulnerable I think this is simply a case of
3.4 being accidentally omitted from the list.

Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] Xen 3.4.4 security fixes
  - From: Jonathan Tripathy

References:
- [Xen-devel] Xen 3.4.4 security fixes
  - From: Jonathan Tripathy

Prev by Date: [Xen-devel] [PATCH DOCDAY] hcall: markup the event channel hypercalls to improve generated docs
Next by Date: Re: [Xen-devel] [xen-unstable bisection] complete test-amd64-i386-rhel6hvm-amd
Previous by thread: [Xen-devel] Xen 3.4.4 security fixes
Next by thread: Re: [Xen-devel] Xen 3.4.4 security fixes
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.