On Fri, May 13, 2016 at 12:21:13PM +0200, Raphael Hertzog wrote: > On Fri, 13 May 2016, Moritz Muehlenhoff wrote: > > > I'm not convinced that > > > supporting the current Wheezy versions of QEMU for two more years is of > > > much use (in contrast to the version currently in Jessie) compared to > > > the effort of backporting security fixes. > > > > Ack. > > I'm not sure that I follow what you say here. You suggest to update qemu > in wheezy to the version currently in jessie? Is that correct?
No, I recommend to EOL src:qemu/qemu-kvm in wheezy (the bits relevant to src:xen are somewhat isolated and can be backported from the Xen Security announcements) Backporting jessie's qemu will end up in a similar situation as the experiments with libav. Anyone running a virtualisation server based on KVM/qemu is much better off with upgrading to jessie. Cheers, Moritz