On Fri, May 07, 2021 at 11:59:33AM +0300, Michael Tokarev wrote:
> 06.05.2021 20:51, Moritz Mühlenhoff wrote:
> > Am Sun, Sep 13, 2020 at 10:42:36PM +0200 schrieb Moritz Muehlenhoff:
> > > Package: qemu
> > > Severity: important
> > > Tags: security
> > > X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
> > >
> > > Not fixed upstream yet at this point:
> > >
> > > https://www.openwall.com/lists/oss-security/2020/07/02/1
> > > https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg09961.html
> >
> > Patches:
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=520f26fc6d17b71a43eaf620e834b3bdf316f3d3
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=4f2a5202a05fc1612954804a2482f07bff105ea2
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=24202d2b561c3b4c48bd28383c8c34b4ac66c2bf
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f867cebaedbc9c43189f102e4cdfdff05e88df7f
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b5bf601f364e1a14ca4c3276f88dfec024acf613
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=921604e175b8ec06c39503310e7b3ec1e3eafe9e
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=2c9fb3b784000c1df32231e1c2464bb2e3fc4620
> > https://git.qemu.org/?p=qemu.git;a=commitdiff;h=735754aaa15a6ed46db51fd731e88331c446ea54
>
> Yes, I looked at this 2 days ago as well, and found the patches too.
>
> The thing is that these patches does not apply to 5.2 anymore, since
> the subsystem got a few other changes before - backporting them isn't
> a good option. I'm trying to forward-port some intermediate features
> (which can be considered fixes too b/c they make qemu closer to actual
> hw it emulates), but for now the whole thing is a bit questionable..
Ok! Let's simply ignore it for buster/bullseye, then? The impact is marginal
anyway, and close
the bug when 6.0 lands in unstable?
Cheers,
Moritz
