[CentOS-virt] Xen kernel-3.18.25-17 EL6 and EL7 needs testing

Tue Jan 19 22:03:27 UTC 2016
Johnny Hughes <johnny at centos.org>

On 01/19/2016 03:37 PM, Johnny Hughes wrote:
> On 01/19/2016 03:27 PM, Phill Bandelow wrote:
>> I presume this addresses CVE-2016-0728?
>>
> 
> Actually it does not .. they have not rolled that patch into the LTS
> 3.18 branch at kernel.org yet.
> 
> As soon as it hits the LTS tree I will build a new kernel though.

OK .. supposedly, this patch fixes the issue:

http://bit.ly/1Sv1Llu

I have made this patch apply to the xen kernel sources:

http://bit.ly/23d5JmD

Let's verify that what I am applying is the only real meat to the first
patch.

I will build and test this locally to verify that we have the issue
before and not after applying that patch.

Then we can test it as a group.

SO .. hold off on testing kernel-3.18.25-17 and I will create a
kernel-3.18.25-18 if this fixes the CVE-2016-0728 issue.

Thanks,
Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20160119/1b0fd3cb/attachment-0006.sig>