[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] tmem/XSA-15 backport?
> From: Jan Beulich [mailto:JBeulich@xxxxxxxx] > Sent: Wednesday, September 19, 2012 10:00 AM > To: Dan Magenheimer > Cc: Ian Campbell; IanJackson; xen-devel@xxxxxxxxxxxxx; Konrad Wilk; Zhenzhong > Duan; Keir Fraser; > tim@xxxxxxx > Subject: Re: tmem/XSA-15 backport? > > >>> On 19.09.12 at 17:48, Dan Magenheimer <dan.magenheimer@xxxxxxxxxx> wrote: > > I'd like to recommend that all tmem patches be backported > > to 4.1-stable and 4.2-stable prior to the next > > point release and preferably asap. > > > > Auditing activities are being conducted separately under > > Konrad's supervision, but it seems wise to apply known > > security patches to released trees before any users/distros > > update. > > > > Comments or objections? > > My recollection is that the committers more or less agreed to > consider backports only once the full audit was done, and we > were assured that no further vulnerabilities are to be > expected. But I'm certainly open to weakening that position > if others prefer going that route. Yes, didn't make much sense to me :-) I agree it may be wise to _not_ remove any published recommendations to _not_ enable tmem until a full audit is done, but failing to fix known issues (security or otherwise) in released trees because there _might_ be other bugs found in the future seems odd to me. Other comments or objections? Dan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |