|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] are Xen 3.1.0 kernels CVE-2007-4573 vulnerable
Hi;
01 Eki 2007 Pts tarihinde, Steven Timm ÿÿunlarÿÿ yazmÿÿÿÿtÿÿ:
Does anyone know if the Xen 3.1.0 kernels as distributed in
the "open source" tarballs (x86_64 version) are vulnerable to the
recently-announced vulnerability CVE-2007-4573?
IF so, is there any plan to release patched tarballs anytime soon?
Yes it is. And current provided tarball also vulnerable against ~30 CVE+
(cause all these vulnerabilities are discovered after 2.6.18 which is
Xen-3.x
based on) so i suggest using your distros provided one instead of upstream
one.
Cheers
You suggest "using your distro-provided one" but of course Red Hat
only provides Xen 3.0.3, not Xen 3.1 which I need to run 64-bit host
and 32-bit (or 64-bit) clients.
NO, TRY FEDORA 8 / RAWHIDE WITH LASTED XEN 3.1
Does anyone have a good recipe to merge xen 3.1.0 patches and
2.6.18-8.1.14 as distributed by RedHat and friends? x86_64 version, I
mean. I know there is one there for the i386 version on
the web site but there is not one for the x86_64 version. What
are people doing who are running Xen 3.1 on redhat 5 and friends, but
need to stay current with the many kernel security patches? Any help
is appreciated.
Steve Timm
--------------------
Itamar Reis Peixoto
e-mail/msn: itamar@xxxxxxxxxxxxxxxx
skype: itamarjp
icq: 81053601
+55 11 4063 5033
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|