1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Xen's latest hypervisor updates are missing some security patches

Discussion in 'CSO' started by RSS, Feb 16, 2016.

  1. RSS

    RSS New Member Member

    The Xen Project released new versions of its virtual machine hypervisor, but forgot to fully include two security patches that had been previously made available.

    The Xen hypervisor is widely used by cloud computing providers and virtual private server hosting companies.

    Xen 4.6.1, released Monday, is flagged as a maintenance release, the kind that are put out roughly every four months and are supposed to include all bug and security patches released in the meantime.

    Compare: HP ArcSight vs Splunk

    "Due to two oversights the fixes for both XSA-155 and XSA-162 have only been partially applied to this release," the Xen Project noted in a blog post. The same is true for Xen 4.4.4, the maintenance release for the 4.4 branch that was released on Jan. 28, the Project said.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page