[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] CVE-2011-1166

To: "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
From: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
Date: Tue, 28 Feb 2012 17:44:49 +0000
Delivery-date: Tue, 28 Feb 2012 17:45:18 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Everyone,

I'm currently looking at CVE-2011-1166:

http://securitytracker.com/id/1025226

Am I correct in saying that this issue is fixed in the latest stable 4.xbranch, but not in the 3.4.4 release? I see the fix here:


http://xenbits.xen.org/hg/staging/xen-unstable.hg/rev/c79aae866ad8

however I do not see the same fix applied in 3.4.4:

http://xenbits.xen.org/hg/xen-3.4-testing.hg/file/ac68ad6fe4b7/xen/arch/x86/domain.c#l716

Shouldn't this be fixed?

Thanks

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] CVE-2011-1166
  - From: Ian Jackson

Prev by Date: Re: [Xen-devel] [PATCH] [PATCH v3] Add the bios option to specify the bios to load
Next by Date: Re: [Xen-devel] make install not creating lib entries in /usr/lib under Ubunu 11.10
Previous by thread: [Xen-devel] [PATCH] [PATCH v3] Add the bios option to specify the bios to load
Next by thread: Re: [Xen-devel] CVE-2011-1166
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.