Back to home

4.7.0

Xen Project 4.7 and 4.6.3 Release
Jun 23 2016

I’m pleased to announce the release of Xen Project Hypervisor 4.7 and Xen Project Hypervisor 4.6.3. Xen Project Hypervisor 4.7 This new release focuses on improving code quality, security hardening, security features, live migration support, usability improvements and support for new hardware features — this

The Docker exploit and the security of containers
Jun 23 2014

We normally only cover news and information directly related to Xen in this channel, but we thought it might be useful to briefly expand our scope a bit to mention the recent discussion about the Docker security exploit. What’s the news? Well to begin with, a few weeks ago

Security disclosure process discussion update
Dec 17 2012

After concluding our poll about changes to the security discussion, we determined that “Pre-disclosure to software vendors and a wide set of users” was probably the best fit for the community. A set of concrete changes to the policy have now been discussed on xen-devel (here and here), and we

Xen.org Security Policy Update: Get Involved
Jun 28 2012

Xen.org recently released a number of (related) security updates, XSA-7 through to -9. This was done by the Xen.org Security Team who are charged with following the Xen.org Security Problem Response Process. As part of the process of releasing XSA-7..9 several short-comings (a few of which

by admin
Security vulnerabilities - the coordinated disclosure sausage mill
Jun 19 2012

Laws, like sausages, cease to inspire respect in proportion as we know how they are made. – John Godfrey Saxe, 1869. Most open source projects, Xen.org included, do what is called “coordinated disclosure” of security problems. The idea is that we keep security bugs secret until people have had a

2 New Articles on Xen and Virtualization
Apr 24 2009

Virtualization interview with Simon Crosby – http://virtualization.ulitzer.com/node/554197?page=0,0 Virtualization security discussion – http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1354642,00.html#

by admin
Xen security research results presented
Aug 14 2008

Joana Rutkowska and her team presented very interesting insights on Xen security, as well as attacks against it, at this years Black Hat conference in Las Vegas. In a trilogy of talks(“Xen 0wning trilogy”), they gave information about “Subverting the Xen Hypervisor”, “Detecting and preventing the Xen hypervisor subversions”

by admin
New Security Email for Xen.org
May 05 2008

A new email has been established for anyone finding a security issue with any Xen build. Please send a detailed email of the problem to security@xen.org. This email distribution reaches a wide group of Xen community members who can immediately address the problem.

by admin