Displaying 4 results from an estimated 4 matches for "60f09d1ab1fe".
2012 Sep 19
5
Bug#688125: xen: CVE-2012-2625
Package: xen
Severity: important
Tags: security
Justification: user security hole
Hi,
This issue is still unfixed in Wheezy:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625
Patch:
http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe
Cheers,
Moritz
2012 Oct 26
0
Xen Security Advisory 25 (CVE-2012-4544) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk
...M guests will avoid this vulnerability.
RELATED ISSUE
=============
CVE-2012-2625 covers a bug in pygrub which caused that process to
consume an excessive amount of memory under similar circumstances to the
above.
This was fixed in xen-unstable (and the fix inherited by Xen 4.2.x) in
revision 25589:60f09d1ab1fe but not called out as a security problem.
This fix is also included, where relevant, in the patches below.
RESOLUTION
==========
Applying the appropriate attached patch resolves this issue, including
the related pygrub fix where necessary.
xsa25-unstable.patch Xen unstable
xsa25-4.2.patch...
2012 Nov 13
0
Xen Security Advisory 25 (CVE-2012-4544, CVE-2012-2625) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk
...(nb: use of pygrub *is* vulnerable).
Running only HVM guests will avoid these vulnerabilities.
RESOLUTION
==========
Applying the appropriate attached patch resolves these issues.
The pygrub problem (CVE-2012-2625) was fixed in xen-unstable (and the
fix inherited by Xen 4.2.x) in revision 25589:60f09d1ab1fe but not
called out as a security problem. This fix is also included, where
necessary, in the patches below.
xsa25-unstable.patch Xen unstable
xsa25-4.2.patch Xen 4.2.x
xsa25-4.1.patch Xen 4.1.x
$ sha256sum xsa25*.patch
613e4b82cdc9cabf9cbd52076118887b298c47e680c206...
2012 Jul 04
0
[xen-unstable test] 13460: regressions - FAIL
...timed out.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Zhigang Wang <zhigang.x.wang@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
changeset: 25589:60f09d1ab1fe
user: M A Young <m.a.young@durham.ac.uk>
date: Wed Jul 04 15:46:14 2012 +0100
pygrub: cope better with big files in the guest.
Only read the first megabyte of a configuration file (grub etc.) and read the
kernel and ramdisk files from the guest in one megab...