Brian May writes:
> I have a build of binutils for all pending CVEs except CVE-2016-4491,
I had another look at CVE-2016-4491. Looks like the following patch from
upstream git is a prerequisite. Unfortunately this patch does not apply
cleanly either. So I found a potential prerequisite for this
On Wed, Jun 22, 2016 at 08:23:10AM +1000, Brian May wrote:
> Just wondering if you included this in version 4.1.6.1-1+deb7u2 by any
> chance?
The provided patches are incomplete, remove previous security fixes and
does not compile.
I'm currently backporting a larger bunch of the locking changes,
On Mon, Jul 11, 2016 at 10:45:57AM +0200, Bastian Blank wrote:
> On Wed, Jun 22, 2016 at 08:23:10AM +1000, Brian May wrote:
> > Just wondering if you included this in version 4.1.6.1-1+deb7u2 by any
> > chance?
> The provided patches are incomplete, remove previous security fixes and
> does not com
Hi Bastian,
On Mon, 11 Jul 2016, Bastian Blank wrote:
> In my tests this backport works with live migration. Can someone else
> give it a try?
> https://github.com/credativ/xen-lts/tree/lts-4.1-xsa-97
If you expect people to test, you should provide packages ready to install.
But I would rather
