-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Thu, May 11, 2023 at 11:00:41PM -0700, Vít Šesták wrote: > If the process is not reused, just an update without restarting anything is > enough, isn't it? (This wouldn't be the case if the process was forking > from a zygote.)
The process forks for each request, so one will need to kill all currently-running qrexec-daemon processes to be protected from this vulnerability. The simplest way to do this is to reboot all domUs. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmRffrwACgkQsoi1X/+c IsE+aBAAyAIS9c03+E6KQJAuKBwoa02szKGHbqUHHUtUCX1t961jXCq8Li/MC14e qEUBrZdniIgvcszPLJ4SDH1nIVCovimUu4a1Z+gN/ofvTrxcAH+kSzxth30aIIuE foh4LGFEZLZVng72X002917lDquw0hs0BaMBKzP/JhKAAlpkDIivEbCn7vOvztET hSCRK4mBhfur1gSogkPF69vJnOfoq4FFz2GIsBaWfDF6j0hfmddUbk+mU2f5ooH/ mg7AUFCfltR7GO7swHksFX+S7p+tI/L6VfoxARFjarHZ4f4PYEEXrV/LQXusL60x /oPDOap8AlmPksjC/OITLRCV11jACjeQCIUX2r9pE8KioXmElrNsKKKMAKjf6FSr fy3ylxX3o1cdX1DhHDpbVtv8GM/6nXPfSDg2sbF3AmMTHh1kfOx5GWp32F+BBL3a pI3AuJbXMirrXRVNIDRsdxQ8v+TwEK0jRaI5Z/IbL2kClMODgwBHuZZ8l1xFTFXG xVfWbrbLvhJC9qupoWTKJKIyjmlisF9Q8vQZm2KURgQ0/qO5oesGf8X+XdkynCqO VTjZvxN/UpvAmxvbQB9YxCwO6hAhvdPLNz70uE8C8PDiMWS3VM2iAAoRLSb7CqTz kmkAXkC4M7Y9wKthgY20I4ZFOc2dvvdoV5uXPMG75La0lOQoG0A= =dX/W -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ZF9%2BugKzSKnf6Ah%2B%40itl-email.