On 03/12/14 18:42, Andrew Cooper wrote: > > XSA-37 was only an XSA because the rules at the time were unclear as > whether it was an issue or not. At the same time, the rules were > clarified to state that issues in a debug build only are not security > issues.
Given that we occasionally ask our customers to run debug versions of Xen to diagnose particular problems I think this policy should change (if not by the Xen project security team, then at least internally). David _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
