[CentOS-virt] Xen kernel-3.18.25-18 for EL6 and EL7 (CVE-2016-0728)

Wed Jan 20 00:37:42 UTC 2016
Johnny Hughes <johnny at centos.org>

On 01/19/2016 05:28 PM, Johnny Hughes wrote:
> On 01/19/2016 05:22 PM, Johnny Hughes wrote:
>> There is now a kernel-3.18.25-18 that fixes CVE-2016-0728 (and upgrades
>> to the lastest 3.18  LTS kernel) for Xen4CentOS users.
>>
>> This kernel can be tested from here:
>>
>> http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
>> (CentOS-6)
>>
>> and here:
>>
>> http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
>> (CentOS-7)
>>
> 
> NOTE:
> 
> Those kernels will also end up in:
> 
> 
> http://buildlogs.centos.org/centos/6/virt/x86_64/xen/
> 
> and
> 
> http://buildlogs.centos.org/centos/7/virt/x86_64/xen/
> 
> Soon
> 
> (the kernel-3.18.25-17 kernel, without the CVE fix, is already there)
> 

OK, I can verify (for me), based on the 'leak' binary in compiled from

http://bit.ly/1nifPm4

That kernel-3.18.25-17 'DOES' have the CVE issue and that
kernel-3.18.25-18 DOES NOT have the CVE leak issue.

Feedback required from others.

Thanks,
Johnny Hughes


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20160119/f819e55b/attachment-0006.sig>