From mboxrd@z Thu Jan  1 00:00:00 1970
From: M A Young <m.a.young@durham.ac.uk>
Subject: Re: Xen Security Advisory 35 (CVE-2013-0152) - Nested
 HVM exposes host to being driven out of memory by guest
Date: Tue, 22 Jan 2013 21:09:29 +0000 (GMT)
Message-ID: <alpine.DEB.2.00.1301222106280.32543@procyon.dur.ac.uk>
References: <E1TxcYd-0007H4-74@xenbits.xen.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <E1TxcYd-0007H4-74@xenbits.xen.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: "Xen.org security team" <security@xen.org>
Cc: xen-users@lists.xen.org, xen-announce@lists.xen.org, oss-security@lists.openwall.com, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On Tue, 22 Jan 2013, Xen.org security team wrote:

> To fix both XSA 34 and XSA 35, first apply xsa34-4.2.patch from XSA 34
> and then *also* apply xsa35-4.2-with-xsa34.patch from this advisory.

The xsa35-4.2-with-xsa34.patch patch is malformed,
@@ -3862,6 +3862,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
should be
@@ -3862,6 +3862,11 @@ long do_hvm_op(unsigned long op, XEN_GUE

 	Michael Young