or
just another day as a vmware customer.
The Xen Project will release nine patches on Thursday. The Project gives each bug an “XSA” number and the 29th of October will see XSA 145 through 153 debut. The patch run looks to be a tricky one, because the Project added XSA 143 and 144 to the list, but now lists them as unassigned. If you take a look at the outfit's vuln …
> The patch run looks to be a tricky one, because the Project added XSA 143 and
> 144 to the list, but now lists them as unassigned.
This has no real meaning: a bug report may initially have been classified as security issue and may either have been discounted as such, or may have been patched/merged with another vulnerability. Other cases where this may happen is that a 3rd party vulnerability (e.g. QEMU, Linux, ...) is first reported to the Xen Project and we later agreed with the raiser of the issue that the issue is better handled by the 3rd party open source project. We retain the entries in our own records to ensure we do not loose history.