This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] XenServer Denial of Service patch details?

To: Bastian Blank <bastian@xxxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XenServer Denial of Service patch details?
From: Melody Bliss <melodybliss@xxxxxxxxx>
Date: Sun, 15 May 2011 21:08:16 -0700
Delivery-date: Sun, 15 May 2011 21:09:37 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=PoP55HSLnVz0MUlDrzwnJNoF4JxN/ygE6iOdq4i6UKo=; b=lQddcAaacvHsCOpu1VryBMu3GHSsZXB+6MhLPlbBudENd1KY05KC4MIx1h5Y4zgfh/ Rc2tAGBE3sQsB24cRknydDJ/cbInQAtdyc2+iV7IzsH6UBi16G7zrJ72LS74uHu+wc3m nGlqCtc7XE6+HevtEeQyKVsIXPf1LYDwt6hAo=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=DzTtLN8GL//GOv+pTzmp7A6DyszbYC7p7GY0mGo6QUbUKNiLFF3CY1k6J6E6AyVoRT I/GaoxqZdjGLseBNDyYizBMroZjQCp1ziH7/GLl89RwoWovGuO+fmfLPAHNQf3L2311Z xdEv8pix85l6DvbrS8VDkg+5S0Zdt1BSVXIgI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20110514144332.GB14955@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <BANLkTik4bzKdF=pSoFdQ+4-z_CzUVUDbqQ@xxxxxxxxxxxxxx> <20110514144332.GB14955@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On Sat, May 14, 2011 at 7:43 AM, Bastian Blank <bastian@xxxxxxxxxxxx> wrote:
> On Fri, May 13, 2011 at 09:51:45AM -0700, Melody Bliss wrote:
>> Does anyone have any details of the XenServer DOS patch?
> This smells like CVE-2011-1166. Please always cite the CVE designation.

Bastian, I would have but I had no details of this vulnerability other
than the XenServer URL links pointing to the patches for it, thus my
request if anyone had details on this DOS.

>> One of my coworkers got the following email from Citrix stating that
>> XenServer has a patch. Does anyone know if the DOS attach is XenServer
>> specific or if it also applies to Xen?
> It applies to Xen and is fixed in 4.1 and pending for 4.0.

Do we know if there is a 3.x patch at all? I'm going to assume no
since work looks to be going on on 4.x instead typically.


Melody Bliss
Usenix, SAGE and LOPSA Charter Member
Patron Member of the NRA

Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>