[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-security
Subject:    Xen security updates for Spectre and Meltdown
From:       Wiebe Cazemier <wiebe () halfgaar ! net>
Date:       2018-01-15 16:36:04
Message-ID: 983915895.27634.1516034164871.JavaMail.zimbra () halfgaar ! net
[Download RAW message or body]

Hi,

This [1] Xen blog post describes Xen 4.6 as the lowest version about which patches \
for Meltdown and Spectre. Debian 7 has Xen 4.1. Debian 8 has Xen 4.4. Will these and \
future patches be backported, if that is even possible?

Also, so far, I haven't found anything about how Debian is going to address this \
vulnerability in Xen. For instance, [2] only mentions kernels, not Xen.

Regards,

Wiebe


[1] https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/
[2] https://security-tracker.debian.org/tracker/CVE-2017-5754


[prev in list] [next in list] [prev in thread] [next in thread]