oss-sec mailing list archives
CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 19 Dec 2008 10:59:40 +0100
Hello Steve, originally CVE id of CVE-2008-4405 has been assigned to the following Xen backend issue: Original references: http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html (place where was pointed out, this is a security problem -^). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4405 Original patch: http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70 The problem: Daniel P.Berrange has discovered, this original patch is incomplete to fix this issue. More details here: http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html Credit goes to: Daniel P.Berrange Steve, could you please allocate a new CVE id for this revised fix? Thanks, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete) Jan Lieskovsky (Dec 19)
- Re: CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete) Steven M. Christey (Dec 24)