Jonathan Tripathy writes ("[Xen-devel]
CVE-2011-1166"):> I''m currently looking at CVE-2011-1166:
>
> securitytracker.com/id/1025226
>
> Am I correct in saying that this issue is fixed in the latest stable 4.x
> branch, but not in the 3.4.4 release? I see the fix here:
>
> xenbits.xen.org/hg/staging/xen-unstable.hg/rev/c79aae866ad8
>
> however I do not see the same fix applied in 3.4.4:
>
>
xenbits.xen.org/hg/xen-3.4-testing.hg/file/ac68ad6fe4b7/xen/arch/x86/domain.c#l716
>
> Shouldn''t this be fixed?
Probably. I haven''t checked whether 3.4 is vulnerable. This is a
question for the 3.4 stable tree maintainer, Keith Coleman. Keith ?
Thanks,
Ian.