[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] CVE-2011-1166



Jonathan Tripathy writes ("[Xen-devel] CVE-2011-1166"):
> I'm currently looking at CVE-2011-1166:
> 
> http://securitytracker.com/id/1025226
> 
> Am I correct in saying that this issue is fixed in the latest stable 4.x 
> branch, but not in the 3.4.4 release? I see the fix here:
> 
> http://xenbits.xen.org/hg/staging/xen-unstable.hg/rev/c79aae866ad8
> 
> however I do not see the same fix applied in 3.4.4:
> 
> http://xenbits.xen.org/hg/xen-3.4-testing.hg/file/ac68ad6fe4b7/xen/arch/x86/domain.c#l716
> 
> Shouldn't this be fixed?

Probably.  I haven't checked whether 3.4 is vulnerable.  This is a
question for the 3.4 stable tree maintainer, Keith Coleman.  Keith ?

Thanks,
Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.