search for: ngolde

...ontact the release team for this. This is an automatically generated mail, in case you are already working on an upgrade this is of course pointless. For further information: [0] http://www.debian.org/doc/developers-reference/pkgs.html#upload-stable Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available Url : http://list...

...n etch. Please have a look at: http://lists.xensource.com/archives/html/xen-devel/2007-05/msg00021.html http://xenbits.xensource.com/xen-unstable.hg?rev/9e86260b95a4 For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://list...

...in domain 0 via a crafted grub.conf file whose | contents are used in exec statements. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4993 Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://list...

tags 446771 + patch thanks Hi, attached is a patch to fix this if you don't already have one. Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: CVE-2007-4993.patch Type: text/x-diff Size: 4742 bytes Desc: not available Url : http://lists.aliot...

...patch for these issues is linked on the mitre website. The xen version in etch is also affected. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://list...

...users to truncate arbitrary files via a symlink attack on | /tmp/xenq-shm. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3919 Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://list...

...se also include the CVE id in your changelog entry. https://bugzilla.redhat.com/attachment.cgi?id=296005 is the patch (tools/ioemu/block.c should get patched). For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://list...

...s please also make sure to include the > > CVE ids in your changelog entry. > > There is nothing to fix. If you close this bug again please close it with the proper version numbers and state why the new versions are not affected anymore. Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available Url : http://list...

Source: xen-unstable Version: 3.3-unstable+hg17602-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for xen-unstable. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute