Hosting Provided By

Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix severalvulnerabilities

From: dann frazier <dannf(at)dannf.org>
Date: Mon Oct 01 2007 - 15:57:29 EDT

On Mon, Oct 01, 2007 at 07:54:09PM +0200, Ralf Hemmenst??dt wrote:
>
> As Tim Wickberg already mentioned last week the local root exploit
> due to CVE-2007-4573 still works for the updated Xen kernel
> packages.
>
> This is because of the fact xen does not use ia32entry.S but
> ia32entry-xen.S which is located in linux-2.6-xen-sparse.
>
> I have attached the patch to fix CVE-2007-4573 for Xen-x86_64

Thanks Ralf (and Tim) - I'll try to get a new update sent out this afternoon.

-- 
dann frazier


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Mon Oct 1 16:16:34 2007

This message: [ Message body ]
Next message: arpi hutch: "bainamnu"
Previous message: Ralf HemmenstÃ¤dt: "Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix severalvulnerabilities"
In reply to: Ralf HemmenstÃ¤dt: "Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix severalvulnerabilities"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:53:08 EDT