Re: [Xen-devel] Xen Security Advisory 140 - QEMU leak of uninitialized heap memory in rtl8139 device model

Ian Jackson Thu, 13 Aug 2015 08:08:37 -0700

Yuriy Kohut writes ("Re: Xen Security Advisory 140 - QEMU leak of uninitialized 
heap memory in rtl8139 device model"):
> Please find attached patches for the 'Qemu-dm 3.4 stable branch’ 
> (git://xenbits.xen.org/qemu-xen-3.4-testing.git):
> 
> # sha256sum xsa140-qemut-3.4-?.patch
> a6f614aea18f5ebf37b7d462c9190d7b9426a7b2ca304f314d05b8a328c9f831  
> xsa140-qemut-3.4-1.patch
> dd3f90a407f83fdaf7efa42a5aabcc479ad88a0bc8b98d31f1809dfe81543186  
> xsa140-qemut-3.4-2.patch
> b091a84fe888362a1501faf8aa546d2b8816e0ce6e197d8da9cd0bafc0e26dbb  
> xsa140-qemut-3.4-3.patch
> 454e6d0d6fe464c7a696c168ca5218fbd5d496eab1f5565bc02e391997b02a3d  
> xsa140-qemut-3.4-4.patch
> def8a6a33bddd77518b9ba2f8f16b2ac4ff962c34f24a94173e41b5a82adf68a  
> xsa140-qemut-3.4-5.patch
> c599838dfea5aa50eed8bc2ca373734a6ef4529738aa1d056637625d04d35875  
> xsa140-qemut-3.4-6.patch
> 6d2efbd7b492355160f38a61e0a83c5fb5be86e2a4c953cc2f4e05a2dda7001e  
> xsa140-qemut-3.4-7.patch


Hi.  Thanks a lot for this.

We (Xen maintainers) intend to handle these by applying this (as a
bugfix) to xen.git#staging, which is the 4.6 release prep branch.
They apply with some minor line offsets.  We'll then feed that into
our maintained stable branches in the usual way, and update the
advisory.

Yuriy, can I have your Signed-off-by for the backport work, in
accordance with
  
http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches#Signing_off_a_patch
?

If so I will repost this as a formal patch series.

Thanks,
Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [Xen-devel] Xen Security Advisory 140 - QEMU leak of uninitialized heap memory in rtl8139 device model

Reply via email to