I've also posted to qubes-users, but perhaps qubes-devel is more
appropriate for this:
I'm wondering when we can expect information on the impact of XSA-273
(1) on Qubes R4? I can't help but notice it's absence from the Qubes
XSA-tracker page (2).
Some OS Vendors have implemented kernel patches in an attempt to
mitigate these vulnerabilities, but as of yet I haven't seen any such
patches to the qubes-kernel-vm or the Hypervisor.
In the common case that microcode updates aren't possible via a BIOS
update (HW vendor not made them available), and disabling
hyper-threadding is not possible in the BIOS - what are the best options
for a Qubes user right now?
Thanks,
Rob.
Links:
(1) - https://xenbits.xen.org/xsa/advisory-273.html
(2) - https://www.qubes-os.org/security/xsa/
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/2fb051b8686b28a6a8d7a507060e539d%40posteo.net.
For more options, visit https://groups.google.com/d/optout.
