On 04/04/2017 07:25 AM, Andrew David Wong wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Dear Qubes community, > > We have just published Qubes Security Bulletin (QSB) #29: > Critical Xen bug in PV memory virtualization code (XSA-212). > > The current text of this QSB is reproduced below. The latest version, > including any future corrections, will always be available in the Qubes > Security Pack (qubes-secpack). > > View QSB #29 in the qubes-secpack: > > <https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-029-2017.txt> > > Learn about the qubes-secpack, including how to obtain, verify, and > read it: > > <https://www.qubes-os.org/doc/security-pack/> > > View all past QSBs: > > <https://www.qubes-os.org/doc/security-bulletins/> > > View XSA-212 in the XSA Tracker: > > <https://www.qubes-os.org/security/xsa/#212> > > ``` Thanks for this. I'm keeping an eye on the qubesos-bot updates on GitHub and notice that updates are going out to current-testing at the moment. The QSB states that they'll make an appearance on security-testing; will that come later on or is that an oversight?
I only ask because I've been keeping an eye on the gui-agent-linux bug on GitHub (where version 3.2.15 seems to freeze VMs) and since I presume that package is still in current-testing alongside this Xen update, I'd rather not enable that repo in order to download this Xen fix. I presume security-testing would be a better fit. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/oc096q%24jn0%241%40blaine.gmane.org. For more options, visit https://groups.google.com/d/optout.
