thr3ads.net - Pkg xen devel - [Pkg-xen-devel] Bug#845663: Bug#845663: xen: CVE-2016-9386: x86 null segments not always treated as unusable [Nov 2016]

If this information is useful, please help other people find it:
Share via:

Julien Cristau

2016-Nov-29 14:49 UTC

[Pkg-xen-devel] Bug#845663: Bug#845663: xen: CVE-2016-9386: x86 null segments not always treated as unusable

Control: reopen -1

On Sun, Nov 27, 2016 at 12:28:04PM +0100, Bastian Blank
wrote:> Hi Salvatore
> 
> On Fri, Nov 25, 2016 at 07:35:18PM +0100, Salvatore Bonaccorso wrote:
> > Source: xen
> > Version: 4.4.1-9
> 
> Security bugs in stable are handled by the security team.  There is no
> need to write bugs.  I'm closing them.
> Bastian,

the above is just not true.  Security bugs in stable should be handled
by the maintainer, with the security team acting as a support and
backup.  And once issues are public, filing bugs is very much
appropriate.  Finally, if these bugs still affect unstable, they should
be handled there by the maintainer as well, or if they are already fixed
there, they can be closed with the corresponding version tracking
information, not just summarily closed.

Cheers,
Julien

Pkg xen devel - Nov 2016 - Bug#845663: Bug#845663: xen: CVE-2016-9386: x86 null segments not always treated as unusable

[Pkg-xen-devel] Bug#845663: Bug#845663: xen: CVE-2016-9386: x86 null segments not always treated as unusable