On 8 March 2018 at 21:57, Kubilay Kocak <ko...@freebsd.org> wrote: > On 9/03/2018 8:57 am, Ed Maste wrote: >> On 15 January 2018 at 13:37, Tycho Nightingale <tyc...@freebsd.org> wrote: >>> Author: tychon >>> Date: Mon Jan 15 18:37:03 2018 >>> New Revision: 328011 >>> URL: https://svnweb.freebsd.org/changeset/base/328011 >>> >>> Log: >>> Provide some mitigation against CVE-2017-5715 by clearing registers >>> upon returning from the guest which aren't immediately clobbered by >>> the host. This eradicates any remaining guest contents limiting their >>> usefulness in an exploit gadget. >> >> Will you MFC this to stable/11? > > Mitigations and related MFC's and SA's, etc for vulnerabilities, are > presumably all being coordinated and handled by secteam, with associated > (explicit) messaging when fixes don't apply to particular > branches/versions, no?
Embargoed patches to address specific security vulnerabilities are handled by secteam, and are committed to all branches simultaneously. For cases like this, where it's a mitigation or other improvement that is already committed to CURRENT, it's best if the domain expert / original committer handles the merge. That said, I'm happy to take care of the merge if desired. _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
