openSUSE:Evergreen:Maintenance:114
File CVE-2012-4411-xsa19.patch of Package xen.openSUSE_Evergreen_11.4
From: Ian Jackson <ian.jackson@eu.citrix.com> Disable qemu monitor by default. The qemu monitor is an overly powerful feature which must be protected from untrusted (guest) administrators. Neither xl nor xend expect qemu to produce this monitor unless it is explicitly requested. This is a security problem, XSA-19. Previously it was CVE-2007-0998 in Red Hat but we haven't dealt with it in upstream. We hope to have a new CVE for it here but we don't have one yet. Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com> Index: xen-4.1.3-testing/tools/ioemu-qemu-xen/vl.c =================================================================== --- xen-4.1.3-testing.orig/tools/ioemu-qemu-xen/vl.c +++ xen-4.1.3-testing/tools/ioemu-qemu-xen/vl.c @@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **e kernel_cmdline = ""; cyls = heads = secs = 0; translation = BIOS_ATA_TRANSLATION_AUTO; - monitor_device = "vc:80Cx24C"; + monitor_device = "null"; serial_devices[0] = "vc:80Cx24C"; for(i = 1; i < MAX_SERIAL_PORTS; i++)
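Review bot: the new `monitor_device = "null";` line in the `vl.c` hunk carries no comment explaining why its default now differs from the `vc:80Cx24C` still assigned to `serial_devices[0]` on the next line, so a later cleanup could restore the old value without noticing the security reason. Suggest a short comment on that line referencing XSA-19 and stating that the monitor must stay disabled unless explicitly requested. The commit message says a CVE had not yet been assigned, while the patch file is named CVE-2012-4411-xsa19.patch; the packaging changelog should carry that identifier so the fix is traceable. Since the message also says a monitor can still be explicitly requested, it is worth documenting that whoever requests it is responsible for keeping it out of reach of guest administrators.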