Re: qemu status
Hi, I have an updated package at: https://www.beuc.net/tmp/debian-lts/qemu/ The packages appears globally stable with KVM and Xen. I found 1 regression: connecting to qemu's VNC server crashes the process. This means there's probably an issue among CVE-2017-15124's 10 patches :/ (on a positive note the memory exhaustion issue is definitely fixed ;)) I'm interested in backport details about this? Cheers! Sylvain
Re: qemu status
Hi Sylvain, On Mo 09 Sep 2019 21:37:31 CEST, Sylvain Beucler wrote: I can make myself available on Friday 10AM, that sounds good. Good. Stencilled into my calendar now. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpVuKP8MyhOr.pgp Description: Digitale PGP-Signatur
Re: qemu status
Hi! On Mon, Sep 09, 2019 at 06:35:37PM +, Mike Gabriel wrote: > On Mo 09 Sep 2019 11:23:59 CEST, Sylvain Beucler wrote: > > On 04/09/2019 15:41, Sylvain Beucler wrote: > > > We have a prepared QEMU update from 3 months ago that needs attention: > > > https://packages.sunweavers.net/debian/pool/main/q/qemu/ > > > > > > It fixes: > > > CVE-2017-9375 CVE-2019-12155 CVE-2017-15124 CVE-2016-5403 CVE-2016-5126 > > > > > > Since then we got: > > > CVE-2019-14378 CVE-2019-13164 CVE-2019-12068 CVE-2019-12067 > > > and possibly CVE-2018-19665 to reconsider. > > > > > > I can take the time to setup a physical box and provide more testing / > > > more patching. > > > Before doing so, I thought I'd first check: > > > what are you plans for this month regarding this update? :) > > Ping? > > Thanks for pinging. And: sorry, I did not get any work on this done on > Saturday. > > Did you get any testing work done on this already? If not, I'd suggest to > meet on IRC on Friday this week, after 10am (CEST) and get to work on this > together. Is that a plan? Let me know, if you are available then. No extensive testing yet. I setup a physical Jessie machine (an AMD/svm, btw) and started triaging the pending issues. I plan to integrate more issues and prepare some tests (e.g. LVM so as to test partition disk images and possibly install an old ProxMox). I can make myself available on Friday 10AM, that sounds good. Cheers! Sylvain
Re: qemu status
Hi Sylvain, On Mo 09 Sep 2019 11:23:59 CEST, Sylvain Beucler wrote: On 04/09/2019 15:41, Sylvain Beucler wrote: Hi Mike, hi all :) We have a prepared QEMU update from 3 months ago that needs attention: https://packages.sunweavers.net/debian/pool/main/q/qemu/ It fixes: CVE-2017-9375 CVE-2019-12155 CVE-2017-15124 CVE-2016-5403 CVE-2016-5126 Since then we got: CVE-2019-14378 CVE-2019-13164 CVE-2019-12068 CVE-2019-12067 and possibly CVE-2018-19665 to reconsider. I can take the time to setup a physical box and provide more testing / more patching. Before doing so, I thought I'd first check: what are you plans for this month regarding this update? :) Cheers! Sylvain Ping? Thanks for pinging. And: sorry, I did not get any work on this done on Saturday. Did you get any testing work done on this already? If not, I'd suggest to meet on IRC on Friday this week, after 10am (CEST) and get to work on this together. Is that a plan? Let me know, if you are available then. Thanks, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp1mhcswPfs6.pgp Description: Digitale PGP-Signatur
Re: qemu status
Ping? - Sylvain On 04/09/2019 15:41, Sylvain Beucler wrote: > Hi Mike, hi all :) > > We have a prepared QEMU update from 3 months ago that needs attention: > https://packages.sunweavers.net/debian/pool/main/q/qemu/ > > It fixes: > CVE-2017-9375 CVE-2019-12155 CVE-2017-15124 CVE-2016-5403 CVE-2016-5126 > > Since then we got: > CVE-2019-14378 CVE-2019-13164 CVE-2019-12068 CVE-2019-12067 > and possibly CVE-2018-19665 to reconsider. > > I can take the time to setup a physical box and provide more testing / > more patching. > Before doing so, I thought I'd first check: > what are you plans for this month regarding this update? :) > > Cheers! > Sylvain >
qemu status
Hi Gabriel, hi all :) We have a prepared QEMU update from 3 months ago that needs attention: https://packages.sunweavers.net/debian/pool/main/q/qemu/ It fixes: CVE-2017-9375 CVE-2019-12155 CVE-2017-15124 CVE-2016-5403 CVE-2016-5126 Since then we got: CVE-2019-14378 CVE-2019-13164 CVE-2019-12068 CVE-2019-12067 and possibly CVE-2018-19665 to reconsider. I can take the time to setup a physical box and provide more testing / more patching. Before doing so, I thought I'd first check: what are you plans for this month regarding this update? :) Cheers! Sylvain
