Hi, This [1] Xen blog post describes Xen 4.6 as the lowest version about which patches for Meltdown and Spectre. Debian 7 has Xen 4.1. Debian 8 has Xen 4.4. Will these and future patches be backported, if that is even possible?
Also, so far, I haven't found anything about how Debian is going to address this vulnerability in Xen. For instance, [2] only mentions kernels, not Xen. Regards, Wiebe [1] https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/ [2] https://security-tracker.debian.org/tracker/CVE-2017-5754
