On 2017-10-07 1:19 PM, Ron Hunter-Duvar wrote:

> Well, I did all this, and confirmed that the sys-* servicevms are all
> using Fedora 25, but it still has dnsmasq version 2.76. According to
> US-CERT, 2.78 is needed to get the vulnerability fixes. Which concerns
> me, given the length of time that the exploit code has been public.
> Surprises me too, since Debian had it out in a matter of hours.
> However, it's not running in any of these, nor in dom0. Should I just
> uninstall it?
> Thanks,
> Ron

It's weird, but it seems like every distro *but* Fedora has released an
updated version or version with a backported fix. Even Red Hat
Enterprise has done it. I don't know what the hold up is, but it'll be a
package with a backported fix and currently it's set to be 2.76.4 (or
greater if more bugs are found).


You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to