From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: Doubt on KVM-88 vulnerabilities
Date: Tue, 10 Nov 2009 12:04:40 +0200
Message-ID: <4AF93AB8.3040504@redhat.com>
References: <20091108184240.GA29279@defiant.freesoftware>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
To: dbareiro@gmx.net, KVM General <kvm@vger.kernel.org>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:19362 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753316AbZKJKEi (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 10 Nov 2009 05:04:38 -0500
In-Reply-To: <20091108184240.GA29279@defiant.freesoftware>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 11/08/2009 08:42 PM, Daniel Bareiro wrote:
> Hi all!
>
> I'm using KVM-88 compiled by myself from the source code provided by the
> official site of the project.
>
> Is this version of KVM vulnerable to the mentioned thing in the
> DSA-1907-1 [1]?

Yes.

> In such case, there is some published patch that can be
> applied or some new version that solves this?
>    

I recommend to use distro-provided modules (or kernel.org kernels within 
their support period) for production use.  This ensures you get security 
and stability fixes.  kvm-89 will fix these issues, but as it's a 
development snapshot, may introduce new issues.

-- 
error compiling committee.c: too many arguments to function