On 5/15/19 2:51 PM, Ben Hutchings wrote:
> On Wed, 2019-05-15 at 13:59 +0200, Thomas Goirand wrote:
>> Hi,
>>
>> Probably Ben will reply to this one...
>>
>> Is it planned to upgrade intel-microcode and the kernel in Jessie,
>> regarding CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091?
> 
> I plan to update linux, and I have backported the mitigation to 3.16. 
> However I will need to do more testing of this before uploading, and
> will probably wait until it has been through the stable review process.
> 
> I have already uploaded linux-4.9 to match the stable security update.
> 
> I expect that Henrique will handle the intel-microcode update as he has
> done before.
> 
> Note that stable branches older than 4.9 are not getting the
> speculation mitigations for KVM, and should not be used with untrusted 
> guests (at least on Intel hardware).
> 
> Ben.

Hi Ben,

Thanks for your detailed answer.
Cheers,

Thomas Goirand (zigo)

Reply via email to