[Pkg-xen-devel] Bug#929129: Bug#929129: Xen Hypervisor security update for Intel MDS - XSA 297
Hans van Kranenburg
hans at knorrie.org
Sat May 18 11:18:45 BST 2019
Hi,
On 5/17/19 5:21 PM, Wiebe Cazemier wrote:
> Package: xen-hypervisor-4.8-amd64
> Version: 4.8.5+shim4.10.2+xsa282-1+deb9u11
>
> All Xen Hypervisor packages also need patches against the Intel MDS bug,
> same as https://www.debian.org/security/2019/dsa-4444.
>
> http://xenbits.xen.org/xsa/advisory-297.html
Yes, they do.
For Xen 4.8 and 4.11, we're currently waiting for the related changes in
the upstream code branches to complete the regular test process at Xen
(compile, run on all different hardware etc).
Only at the moment that the advisary is published, the patches are
committed to the public development branches. After that, the tests do
more rigorous regression testing than the developer writing them could
do. We tend to wait for this to succeed. E.g. as part of the packaging
team, I can test that the result boots on amd64, but I have no idea
myself if it also runs on arm etc.
If you're desperately in need for an intermediate version, and you're
able to build debian packages yourself, then I can point you at
something that I'm running myself now.
Regards,
Hans
More information about the Pkg-xen-devel
mailing list