Displaying 4 results from an estimated 4 matches for "xsa19".
Did you mean:
hsa19
2012 Sep 06
1
Fwd: [Xen-announce] Xen Security Advisory 19 - guest administrator can access qemu monitor console
...different context, not to Xen
upstream, and assigned CVE-2007-0998 and fixed in a different way. We
have requested a new CVE for XSA-19 but it is not yet available.
RESOLUTION
==========
The attached patch against qemu-xen-traditional
(qemu-xen-4.*-testing.git) resolves this issue.
$ sha256sum xsa19-qemu-all.patch
19fc5ff9334e7e7ad429388850dc6e52e7062c21a677082e7a89c2f2c91365fa
xsa19-qemu-all.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xsa19-qemu-all.patch
Type: application/octet-stream
Size: 924 bytes
Desc: not available
URL: <http://lists.alio...
2012 Sep 07
0
Xen Security Advisory 19 (CVE-2012-4411) - guest administrator can access qemu monitor console
...for
systems using libvirt.
NOTE REGARDING EMBARGO
======================
This issue was publicly discussed online by its discoverer.
There is therefore no embargo.
RESOLUTION
==========
The attached patch against qemu-xen-traditional
(qemu-xen-4.*-testing.git) resolves this issue.
$ sha256sum xsa19-qemu-all.patch
19fc5ff9334e7e7ad429388850dc6e52e7062c21a677082e7a89c2f2c91365fa xsa19-qemu-all.patch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQSc6yAAoJEIP+FMlX6CvZ3MMIAJ3BfY4EXmye0ucZKU2zsrNx
R9w3AXdZWywf9qWX9DvgnJ0r4v/1wukqYwqpShAYNRHnbc3M15/ipEyLZDS2L4I2
O...
2012 Sep 06
0
Bug#686848: CVE-2007-0998: Qemu monitor can be used to access host resources
...different context, not to Xen
upstream, and assigned CVE-2007-0998 and fixed in a different way. We
have requested a new CVE for XSA-19 but it is not yet available.
RESOLUTION
==========
The attached patch against qemu-xen-traditional
(qemu-xen-4.*-testing.git) resolves this issue.
$ sha256sum xsa19-qemu-all.patch
19fc5ff9334e7e7ad429388850dc6e52e7062c21a677082e7a89c2f2c91365fa xsa19-qemu-all.patch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQSMr3AAoJEIP+FMlX6CvZ2O8H/2cZuOEMQd6ELDSmgj2fVaYl
qpev3Ux50+wHsBf2JS4XMW+f6wwNWa8IBP1GL+SUvOLVr0PGYb8cbISy+zp6z+ku
m...
2012 Sep 06
0
Re: [oss-security] Xen Security Advisory 19 - guest administrator can access qemu monitor console
...it is not yet available.
Ahh I see the request now (it was in a different email folder). Please
use CVE-2012-4411 for this issue.
> RESOLUTION
> ==========
>
> The attached patch against qemu-xen-traditional
> (qemu-xen-4.*-testing.git) resolves this issue.
>
> $ sha256sum xsa19-qemu-all.patch
> 19fc5ff9334e7e7ad429388850dc6e52e7062c21a677082e7a89c2f2c91365fa xsa19-qemu-all.patch
>
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Lin...