|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable
Hi; 01 Eki 2007 Pts tarihinde, Steven Timm ÿÿunlarÿÿ yazmÿÿÿÿtÿÿ:Does anyone know if the Xen 3.1.0 kernels as distributed in the "open source" tarballs (x86_64 version) are vulnerable to the recently-announced vulnerability CVE-2007-4573? IF so, is there any plan to release patched tarballs anytime soon?Yes it is. And current provided tarball also vulnerable against ~30 CVE+(cause all these vulnerabilities are discovered after 2.6.18 which is Xen-3.xbased on) so i suggest using your distros provided one instead of upstream one. Cheers You suggest "using your distro-provided one" but of course Red Hat only provides Xen 3.0.3, not Xen 3.1 which I need to run 64-bit host and 32-bit (or 64-bit) clients. NO, TRY FEDORA 8 / RAWHIDE WITH LASTED XEN 3.1 Does anyone have a good recipe to merge xen 3.1.0 patches and 2.6.18-8.1.14 as distributed by RedHat and friends? x86_64 version, I mean. I know there is one there for the i386 version on the web site but there is not one for the x86_64 version. What are people doing who are running Xen 3.1 on redhat 5 and friends, but need to stay current with the many kernel security patches? Any help is appreciated. Steve Timm -------------------- Itamar Reis Peixoto e-mail/msn: itamar@xxxxxxxxxxxxxxxx skype: itamarjp icq: 81053601+55 11 4063 5033 _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |