+-- On Thu, 6 Dec 2018, Peter Maydell wrote --+ | > > Do we need patch v2, or it can be done while merging it? | > | > I can add in the Fixes line when I apply the patch to master. | | Oh, I think we should also add to the commit message something | along the lines of: | | "Note that this bug is exploitable by a guest to escape | from the virtual machine. However the commit which | introduced the bug was only made after the 3.0 release, | and so it is not present in any released QEMU version." | | to clarify that this is a serious bug but also that it's | not one that will be affecting anybody's production systems.
Okay, preparing patch v2... -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F