WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CV

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/
From: "S.Çağlar Onur" <caglar@xxxxxxxxxxxxx>
Date: Mon, 19 Mar 2007 02:17:35 +0200
Delivery-date: Sun, 18 Mar 2007 17:16:56 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: TÜBİTAK / UEKAE
Reply-to: caglar@xxxxxxxxxxxxx
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.6
Hi;

Xen-3.0.4-testing is based on 2.6.16.33 which affected by following CVE's;

- CVE-2006-5753: fix bad_inode_ops memory corruption
- CVE-2007-0006: Keys: Fix key serial number collision handling
- CVE-2007-0772: Fix a free-wrong-pointer bug in nfsd/acl
- CVE-2007-0005: Fix buffer overflow in Omnikey CardMan 4040 driver
- CVE-2007-1000: [IPV6]: Handle np->opt being NULL in 
ipv6_getsockopt_sticky().

That patch (not attached due to its size) grabs these from 2.6.16-stable tree 
[1];

[1] http://cekirdek.pardus.org.tr/~caglar/cve.patch

Cheers
-- 
S.Çağlar Onur <caglar@xxxxxxxxxxxxx>
http://cekirdek.pardus.org.tr/~caglar/

Linux is like living in a teepee. No Windows, no Gates and an Apache in house!

Attachment: pgprFxrTk3DPE.pgp
Description: PGP signature

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/, S.Çağlar Onur <=