[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server

To: xen-devel@xxxxxxxxxxxxxxxxxxx, "Daniel P. Berrange" <berrange@xxxxxxxxxx>
From: "S.ÃaÄlar Onur" <caglar@xxxxxxxxxxxxx>
Date: Sat, 19 May 2007 02:39:13 +0300
Delivery-date: Fri, 18 May 2007 16:37:44 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

19 Mar 2007 Pts tarihinde, Daniel P. Berrange ÅunlarÄ yazmÄÅtÄ: 
> This patch fixes a security issue present in any Xen 3.0.3 or later when
> the VNC server is enabled for a HVM guest.
>
> cf CVE-2007-0998 / the RHEL-5 security errata:
>
>    http://rhn.redhat.com/errata/RHSA-2007-0114.html

Same patch applies cleanly on Xen-3.1.0, is it forgetton?

-- 
S.ÃaÄlar Onur <caglar@xxxxxxxxxxxxx>
http://cekirdek.pardus.org.tr/~caglar/

Linux is like living in a teepee. No Windows, no Gates and an Apache in house!

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server
  - From: Keir Fraser

Prev by Date: [Xen-devel] [PATCH] Cannot find Xen Python modules
Next by Date: Re: [Xen-devel] [PATCH] Enabling vtpm causes installation error
Previous by thread: [Xen-devel] [PATCH] Cannot find Xen Python modules
Next by thread: Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.