[kernel-sec-discuss] r4593 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 25 11:20:29 UTC 2016
Author: jmm
Date: 2016-08-25 11:20:28 +0000 (Thu, 25 Aug 2016)
New Revision: 4593
Modified:
active/CVE-2015-8553
Log:
update
Modified: active/CVE-2015-8553
===================================================================
--- active/CVE-2015-8553 2016-08-25 04:49:01 UTC (rev 4592)
+++ active/CVE-2015-8553 2016-08-25 11:20:28 UTC (rev 4593)
@@ -5,10 +5,16 @@
http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1924088
Notes:
bwh> Upstream fix is not clearly correct; see discussions in the references.
+ jmm> I've gotten in touch with the subsystems maintainers; the patch breaks
+ jmm> qemu (as used by xen). While this was fixed upstream in qemu, the patch
+ jmm> hasn't been merged yet since it would break with older versions of qemu
+ jmm> I'm trying to find out which version is fine, so maybe we can carry that
+ jmm> the xsa120-addendum.patch as a Debian-specific patch it's merged at some
+ jmm> point
Bugs:
upstream: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: ignored "breaks qemu as used in jessie"
+3.2-wheezy-security: ignored "breaks qemu as used in jessie"
More information about the kernel-sec-discuss
mailing list