Date: Fri, 19 Dec 2008 10:59:40 +0100 From: Jan Lieskovsky <jlieskov@...hat.com> To: "Steven M. Christey" <coley@...re.org> Cc: oss-security@...ts.openwall.com Subject: CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete) Hello Steve, originally CVE id of CVE-2008-4405 has been assigned to the following Xen backend issue: Original references: http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html (place where was pointed out, this is a security problem -^). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4405 Original patch: http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70 The problem: Daniel P.Berrange has discovered, this original patch is incomplete to fix this issue. More details here: http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html Credit goes to: Daniel P.Berrange Steve, could you please allocate a new CVE id for this revised fix? Thanks, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.