linux-2.6_2.6.32-48squeeze4 and Bug #701744

[Kris Shannon <kris@shannon.id.au>]

I was eagerly awating the release of linux-2.6_2.6.32-48squeeze4 because it would fix #701744 (fallout from XSA-39: Linux netback DoS via malicious guest ring)

It turns out I should have read the bug report more closely.

 #701744 was only about the xen-netback side of things.

I haven't been able to find a debian bug about the REAL bug - the xen-netfront gso overflow.

Upstream have patched this: http://git.kernel.org/linus/9ecd1a75d977e2e8c48139c7d3efed183f898d94

"netfront: reduce gso_max_size to account for max TCP header"

Is this likely to go into a squeeze kernel?

The xen environment I'm running these squeeze VM's in is running on CentOS dom0's and Redhat have closed the visible bugs I can find on this as "Not a bug" :(