This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] XenServer Denial of Service patch details?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XenServer Denial of Service patch details?
From: Bastian Blank <bastian@xxxxxxxxxxxx>
Date: Sat, 14 May 2011 16:43:32 +0200
Delivery-date: Sat, 14 May 2011 07:45:05 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <BANLkTik4bzKdF=pSoFdQ+4-z_CzUVUDbqQ@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Mail-followup-to: Bastian Blank <bastian@xxxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
References: <BANLkTik4bzKdF=pSoFdQ+4-z_CzUVUDbqQ@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.20 (2009-06-14)
On Fri, May 13, 2011 at 09:51:45AM -0700, Melody Bliss wrote:
> Does anyone have any details of the XenServer DOS patch?

This smells like CVE-2011-1166. Please always cite the CVE designation.

> One of my coworkers got the following email from Citrix stating that
> XenServer has a patch. Does anyone know if the DOS attach is XenServer
> specific or if it also applies to Xen?

It applies to Xen and is fixed in 4.1 and pending for 4.0.


Worlds are conquered, galaxies destroyed -- but a woman is always a woman.
                -- Kirk, "The Conscience of the King", stardate 2818.9

Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>