thr3ads.net - Xen devel - [Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/ [Mar 2007]

If this information is useful, please help other people find it:
Share via:

S.Çağlar Onur

2007-Mar-19 00:17 UTC

[Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/

Hi;

Xen-3.0.4-testing is based on 2.6.16.33 which affected by following
CVE''s;

- CVE-2006-5753: fix bad_inode_ops memory corruption
- CVE-2007-0006: Keys: Fix key serial number collision handling
- CVE-2007-0772: Fix a free-wrong-pointer bug in nfsd/acl
- CVE-2007-0005: Fix buffer overflow in Omnikey CardMan 4040 driver
- CVE-2007-1000: [IPV6]: Handle np->opt being NULL in 
ipv6_getsockopt_sticky().

That patch (not attached due to its size) grabs these from 2.6.16-stable tree 
[1];

[1] http://cekirdek.pardus.org.tr/~caglar/cve.patch

Cheers
-- 
S.Çağlar Onur <caglar@pardus.org.tr>
http://cekirdek.pardus.org.tr/~caglar/

Linux is like living in a teepee. No Windows, no Gates and an Apache in house!


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Xen devel - Mar 2007 - [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/

[Xen-devel] [PATCH] Add CVE-2006-5753, CVE-2007-0006, CVE-2007-0772, CVE-2007-0005 and CVE-2007-1000 into patches/