Package: xen-3.0 Version: 3.0.3-0-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3.0.
CVE-2007-1320[0]: | Multiple heap-based buffer overflows in the cirrus_invalidate_region | function in the Cirrus VGA extension in QEMU 0.8.2 might allow local | users to execute arbitrary code via unspecified vectors related to | "attempting to mark non-existent regions as dirty," aka the "bitblt" | heap overflow. If you fix this vulnerability please also include the CVE id in your changelog entry. This also affects xen in etch. Please have a look at: http://lists.xensource.com/archives/html/xen-devel/2007-05/msg00021.html http://xenbits.xensource.com/xen-unstable.hg?rev/9e86260b95a4 For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpw3W95Oh5bR.pgp
Description: PGP signature
