|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Status of comet-4.10 branch
In XSA-254, we advertised siome special new branches, comet and vixen, which were intended to be used as the shim in the PV-in-HVM shim approaches to XSA-254 mitigation. With my Debian maintainer hat on, I chose to do that. (I don't know, of course, what proportion of Debian users are using shim and what proportion xpti.) I am now trying to apply the XSA-267 patches. It is obvious that the fix will need to be applied to my 4.10 comet. But I discover that the patches do not apply. Additionally, I would want to apply the XSA-263 patches, so that when microcode appears, XSA-263 is fixes too. What am I supposed to do ? There is no useful guidance in XSA-263 or XSA-267, and there has been no update to XSA-254. Such an update should probably be issued. The right approach to this depends on whether the functionality in the comet and shim branches is now in released Xen branches. Should comet 4.10 be retired in favour of stable-4.10 or RELEASE-4.10.1 ? If stable-4.10 is not suitable, then we have a gap and either the remaining fixes from comet need to be applied to 4.10; or the intervening XSAs need to be applied to comet. Similar questions apply for 4.9.1-shim-vixen and 4.8.3pre-shim-comwet. In any case an update to XSA-254 is needed. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |