Displaying 20 results from an estimated 1000 matches similar to: "Bug#686764: xen: Multiple security issues"
2012 Sep 19
5
Bug#688125: xen: CVE-2012-2625
Package: xen
Severity: important
Tags: security
Justification: user security hole
Hi,
This issue is still unfixed in Wheezy:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625
Patch:
http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe
Cheers,
Moritz
2012 Jul 30
5
Bug#683279: CVE-2012-3432
Package: xen
Severity: grave
Tags: security
Please see
http://www.openwall.com/lists/oss-security/2012/07/26/4
Cheers,
Moritz
2014 Aug 31
3
Bug#577788: dom0 kernels should suggest irqbalance
(copying debian-kernel for reasons which will hopefully become obvious)
On Mon, 8 Jul 2013 18:10:58 +0200 =?UTF-8?Q?Moritz_M=C3=BChlenhoff?= <jmm at inutil.org> wrote:
> In current Debian kernel there's no special Xen dom0 kernel image and depending
> on irqbalance in the kernel package would be overkill.
Would it? I thought irqbalance is actually required even for native with
2014 Aug 10
1
Bug#757724: Multiple security issues
Source: xen
Severity: grave
Tags: security
The following security issues are still open in 4.4.0-1:
Xen Security Advisory CVE-2014-2599 / XSA-89
https://marc.info/?l=oss-security&m=139643934717922&w=2
Xen Security Advisory CVE-2014-3124 / XSA-92
https://marc.info/?l=oss-security&m=139894169729664&w=2
Xen Security Advisory CVE-2014-3967,CVE-2014-3968 / XSA-96
2015 Mar 22
1
Bug#780975: CVE-2015-2152
Source: xen
Severity: important
Tags: security
http://xenbits.xen.org/xsa/advisory-119.html
Cheers,
Moritz
2015 Mar 31
1
Bug#781620: CVE-2015-2751 CVE-2015-2752 CVE-2015-2756
Source: xen
Severity: important
Tags: security
Please see
http://xenbits.xen.org/xsa/advisory-125.html
http://xenbits.xen.org/xsa/advisory-126.html
http://xenbits.xen.org/xsa/advisory-127.html
Cheers,
Moritz
2014 Sep 03
0
Bug#577788: dom0 kernels should suggest irqbalance
On Sun, 2014-08-31 at 03:10 +0100, Ian Campbell wrote:
> (copying debian-kernel for reasons which will hopefully become obvious)
>
> On Mon, 8 Jul 2013 18:10:58 +0200 =?UTF-8?Q?Moritz_M=C3=BChlenhoff?= <jmm at inutil.org> wrote:
> > In current Debian kernel there's no special Xen dom0 kernel image and depending
> > on irqbalance in the kernel package would be
2001 Feb 08
1
Uninstall mechanism for windows apps
Windows does have a utility that sums up all installed applications
und allows to remove selected ones.
Is a mechanism like that available for wine too?
2011 Jan 10
1
Bug#609531: CVE-2010-4255: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area
Package: xen
Severity: grave
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4255
for a description and a link to the upstream report/patch.
Cheers,
Moritz
2016 May 06
3
Bug#823620: Multiple security issues
Source: xen
Severity: grave
Tags: security
Multiple vulnerabilities are unfixed in xen:
CVE-2015-5307:
http://xenbits.xen.org/xsa/advisory-156.html
CVE-2016-3960
http://xenbits.xen.org/xsa/advisory-173.html
CVE-2016-3159 / CVE-2016-3158
http://xenbits.xen.org/xsa/advisory-172.html
CVE-2016-2271
http://xenbits.xen.org/xsa/advisory-170.html
CVE-2016-2270
2017 Jul 17
2
Updated Xen packages for XSA 216..225
Salvatore Bonaccorso writes ("Re: Updated Xen packages for XSA 216..225"):
> On Tue, Jul 11, 2017 at 11:34:38PM +0200, Moritz Muehlenhoff wrote:
> > On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote:
> > > Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225"):
> > > > Sorry for the late reply, was on vacation for a week.
2015 Mar 10
2
Bug#780227: XSA-123 / CVE-2015-2151 Hypervisor memory corruption due to x86 emulator flaw
Package: xen-hypervisor-4.1-amd64
Version: 4.1.4-3+deb7u4
Severity: critical
Hi,
Not sure how come I'm the first one to file this kind of a bug report :)
but here goes JFTR...
http://xenbits.xen.org/xsa/advisory-123.html was embargoed, but advance
warning was given to several big Xen VM farms, which led to e.g.
https://aws.amazon.com/premiumsupport/maintenance-2015-03/
2017 May 04
2
Bug#861660: Xen package security updates for jessie 4.4, XSA-213, XSA-214
Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"):
> On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote:
> > Should I put jessie-security in the debian/changelog and dgit push it
> > (ie, from many people's pov, dput it) ?
>
> Yes, the distribution line should be jessie-security, but please send
> a
2017 Jul 11
2
Updated Xen packages for XSA 216..225
On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote:
> Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225"):
> > Sorry for the late reply, was on vacation for a week. What's the status
> > of jessie? Most of the XSAs seem to affect oldstable as well.
>
> Sorry, I forgot about them...
>
> I will see what I can do.
Did you look
2014 Jun 17
1
Bug#751894: xen: CVE-2014-4021 / XSA-100
Package: xen
Version: 4.0.1-5.11
Severity: important
Tags: security, fixed-upstream
Please see for details: http://www.openwall.com/lists/oss-security/2014/06/17/6
Patch: http://seclists.org/oss-sec/2014/q2/att-549/xsa100.patch
---
Henri Salo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc:
2015 Jan 27
0
CVE-2015-0235 - glibc gethostbyname
Packages are being built for CentOS 5, 6 & 7 at the moment:
https://twitter.com/CentOS/status/560128242682966017 &
https://twitter.com/CentOS/status/560138182441070592
On 27 January 2015 at 20:22, Valeri Galtsev <galtsev at kicp.uchicago.edu>
wrote:
>
> On Tue, January 27, 2015 1:58 pm, Peter Lawler wrote:
> > On 28/01/15 04:47, Always Learning wrote:
> >>
>
2013 Nov 23
1
Bug#730254: xen: CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code
Package: xen
Version: 4.0.1-5.11
Severity: important
Tags: security, patch, fixed-upstream
http://www.openwall.com/lists/oss-security/2013/11/21/2
Description:
An inverted boolean parameter resulted in TLB flushes not happening
upon clearing of a present translation table entry. Retaining stale
TLB entries could allow guests access to memory that ought to have
been revoked, or grant greater
2015 Jan 27
4
CVE-2015-0235 - glibc gethostbyname
On Tue, January 27, 2015 1:58 pm, Peter Lawler wrote:
> On 28/01/15 04:47, Always Learning wrote:
>>
>> Saw this on the Exim List:-
>>
> <SNIP>
>>
>> I use Exim on C5 and C6 - should I be worried about Exim on C6 ?
>>
>
> upstream references:
> https://rhn.redhat.com/errata/RHSA-2015-0092.html
When I read this I read that it is fixed in
2002 May 30
1
tty settings with rsync -e ssh interrupt
best described here:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=64689
Confirmed also present with the rpm build at
http://rsync.samba.org/ftp/rsync/binaries/redhat/rsync-2.4.6-1.i386.rpm
Please cc: me on replies (I'm not on the list, yet - my procmailrc's
in a major state of flux as I'm switching machines) and/or add comments
to the above bugzilla entry
James
--
James
2001 Oct 24
2
wine and openwall kernel-patch
Hello.
Is it possible to run wine on openwall-patched linux kernel?
Invoking /opt/wine/bin/wine.bin /home/ftp/pub/windows/telnet/putty.exe
...
err:win32:do_relocations Standard load address for a Win32 program not
available - patched kernel ?
err:win32:do_relocations FATAL: Need to relocate
Z:\home\ftp\pub\windows\telnet\putty.exe, but no relocation records
present (stripped during link). Try to