oss-sec mailing list archives
Re: [vendor-sec] Re: [oss-security] New Xen ioemu: PVFB backend issue
From: Robert Buchholz <rbu () gentoo org>
Date: Tue, 24 Jun 2008 10:14:47 +0200
On Monday 23 June 2008, Steven M. Christey wrote:
On Thu, 19 Jun 2008, Nico Golde wrote:Can you take care about the remaining steps to get this on the mitre site or Steve could you update this? Quite some time passed since this was assigned :)There was enough in the initial post, I just missed it the first time around. Any idea on affected Xen versions?
It is not part of the latest release 3.2.1, as it was only introduced two days prior (May 13) here: http://xenbits.xensource.com/xen-unstable.hg?rev/53195719f762 As mentioned, fixed here: http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb As for the first commit, it does not fall under CVE-2008-1952 -- so I assume we need a new CVE, marking CVE-2008-1952 as an improper fix for it.
====================================================== Name: CVE-2008-1952
...
amoount of guest memory.
a-moo-unt ? ;-) Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- [vendor-sec] [oss-security] New Xen ioemu: PVFB backend issue Jan Lieskovsky (May 21)
- Re: New Xen ioemu: PVFB backend issue Nico Golde (Jun 19)
- Re: New Xen ioemu: PVFB backend issue Steven M. Christey (Jun 23)
- Re: [vendor-sec] Re: [oss-security] New Xen ioemu: PVFB backend issue Robert Buchholz (Jun 24)
- Re: New Xen ioemu: PVFB backend issue Steven M. Christey (Jun 23)
- Re: New Xen ioemu: PVFB backend issue Nico Golde (Jun 19)