Re: Xen i386 support on Debian wheezy-LTS

2016-06-21 Thread Simon Iremonger (debian)
On 2016-06-20 07:38, Brian May wrote:
> According to Bastian Blank the fix for XSA 173 breaks i386
> support. The HVM domains die immediately due to a triple fault.
> His working theory is that invalid bits slip into the initial
> page table of the domain. He is recommending that we drop suppor

Fwd: [ubuntu/precise-security] xen 4.1.6.1-0ubuntu0.12.04.11 (Accepted)

2016-06-14 Thread Simon Iremonger (debian)
Happened to spot (forwarded below) Ubuntu released 'their' fix for the qemu VGA exploit amongst others... I note in particular they decided on including a patch of some form r.e. for XSA-060 ... Even though debian marked this as "Hardware design flaw, no software solution" according to the debian

Re: Unsupported packages for Wheezy LTS

2016-05-13 Thread Simon Iremonger (debian)
>>> AFAIK Xen in Wheezy is using the version shipped with Xen itself and we

Yes, and this is used to support HVM mode guests, where the security of qemu matters. Seemingly (from qemu/VERSION) this is a very old "0.10.2" version of qemu!!! I do wonder to what extent updating _that_ qemu used to bu

Re: Xen 4.1.6.1 backport + Ubuntu patches ready for testing (take 3)

2016-05-10 Thread Simon Iremonger (debian)
>> So there's *another* escalation through Qemu/HVM to backport. I wonder
>> if it's worth postponing this upload?

By the looks of things that only affects HVM mode and only with a non-default video adapter. I think the other patches actually being released is more important in short-term. Be awa