[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] [Xen-devel] Security patches

On Thu, 2012-09-06 at 10:08 +0100, kk s wrote:
> Hi Ian,
> Thanks for your reply. Sorry to bother you with this. I am bit
> confused and so I am asking to make clear myself.
> Reg CVE-2012-2934 -
> http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html
> Is Xen 3.4 too affected with this vulnerable? If so I couldn't find
> the patch for xen 3.4 and it does exit for xen 4.x only.

I expect it does effect 3.4, but only if you are running on one of the
listed processors.

security@xxxxxxx doesn't provide security support for 3.4 any more. If
you aren't able to backport the 4.0 patch yourself, you would need to
speak to Keith Coleman who is the 3.4 stable maintainer.

> I don't how to apply the following patches since I have created rpm
> with patches applied that included as downloadable file. But for these
> patches I am not seeing any downloadable file.
> http://lists.xen.org/archives/html/xen-devel/2012-02/msg00212.html
> http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html
> http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html
> If you can clear this for me that would be great :)

I already pointed you at http://wiki.xen.org/wiki/Security_Announcements
which should have all the links you need.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.