I Posted this to xen.user but nobody responded, figured it''s better to ask this in the devel section... I noticed that xen-3.0-testing was using kernel 2.6.16.13. Does the -testing tree apply patches to patch against vulnerabilitys found in this kernel version? List of Kernel Advisores: http://secunia.com/product/2719/?task=advisories_2006 Privilege escalation fixed in 2.6.17.10 http://secunia.com/advisories/21515/ Privilege escalation fixed in 2.6.17.5 http://secunia.com/advisories/21041/ Privilege escalation fixed in 2.6.17.4 http://secunia.com/advisories/20953/ Exposure of sensitive information fixed in 2.6.17.1 http://secunia.com/advisories/20703/ -- ~Shaun _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Anybody? -- ~Shaun "Shaun" <mailinglists@unix-scripts.com> wrote in message news:ee5qif$vfs$1@sea.gmane.org...>I Posted this to xen.user but nobody responded, figured it''s better to ask >this in the devel section... > > I noticed that xen-3.0-testing was using kernel 2.6.16.13. Does > the -testing tree apply patches to patch against vulnerabilitys found in > this kernel version? > > List of Kernel Advisores: > http://secunia.com/product/2719/?task=advisories_2006 > > Privilege escalation fixed in 2.6.17.10 > http://secunia.com/advisories/21515/ > Privilege escalation fixed in 2.6.17.5 > http://secunia.com/advisories/21041/ > Privilege escalation fixed in 2.6.17.4 > http://secunia.com/advisories/20953/ > Exposure of sensitive information fixed in 2.6.17.1 > http://secunia.com/advisories/20703/ > > -- > > ~Shaun_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Shaun Reitan wrote:> Does 2.6.16 have all the patches? even ones that where discovered in > 2.6.17, not sure if there are any but just wondering.If you mean security patches... at least as long that tree is supported by kernel.org, but please check yourself and don''t blame me otherwise or if you have a problem (without warranty :-). E.g. one issue mentioned in the original post: Privilege escalation fixed in 2.6.17.10 http://secunia.com/advisories/21515/ Is also fixed in 2.6.16.28 (from 25 Aug 2006), see http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.28 and look for CVE-2006-3745, which is one of the official CVE numbers for that secunia report. I suppose you will find the others, too. Best Regards Michael Paesold _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users