[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable


01 Eki 2007 Pts tarihinde, Steven Timm ÅunlarÄ yazmÄÅtÄ: 
> Does anyone know if the Xen 3.1.0 kernels as distributed in
> the "open source" tarballs (x86_64 version) are vulnerable to the
> recently-announced  vulnerability CVE-2007-4573?
> IF so, is there any plan to release patched tarballs  anytime soon?

Yes it is. And current provided tarball also vulnerable against ~30 CVE+ 
(cause all these vulnerabilities are discovered after 2.6.18 which is Xen-3.x 
based on) so i suggest using your distros provided one instead of upstream 

S.ÃaÄlar Onur <caglar@xxxxxxxxxxxxx>

Linux is like living in a teepee. No Windows, no Gates and an Apache in house!

Attachment: signature.asc
Description: This is a digitally signed message part.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.