Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?

From:	Stefano Stabellini
Subject:	Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?
Date:	Mon, 2 Mar 2015 14:18:23 +0000
User-agent:	Alpine 2.02 (DEB 1266 2009-07-14)

On Mon, 2 Mar 2015, Jan Beulich wrote:
> >>> On 02.03.15 at 15:05, <address@hidden> wrote:
> > I guess I could monitor cve.mitre.org or the QEMU stable tree for
> > commits with "CVE" in the commit message, but there isn't much else I
> > can do.
> 
> Yes, I think the latter is (for the time being) the most promising route.
> Question is how much work it is going to be to find out about past
> ones.

I could look at the matching QEMU stable tree for each of our past
qemu-xen-upstream releases.

Unfortunately it is going to be an error prone process as QEMU stable
trees have shorter maintenance cycles compared to Xen Project. I am
unlikely to find recent CVEs backported to 1.6.x, that is the base for
qemu-xen in Xen 4.4.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?, Stefano Stabellini, 2015/03/02
- Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?, Jan Beulich, 2015/03/02
  - Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?, Stefano Stabellini <=
    - Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?, Jan Beulich, 2015/03/02

Prev by Date: Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?
Next by Date: Re: [Qemu-devel] [PULL 00/10] QOM devices patch queue 2015-02-24
Previous by thread: Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?
Next by thread: Re: [Qemu-devel] old (but unfixed in our clones) qemu security issues?
Index(es):
- Date
- Thread