Bug#882296: qemu: please consider security support for virtio GPU

[gregc]

 > Hmm. I'm not sure what do you want to achieve here. And why are you

filing a bug for this.

Where security support is "marked" to start with?

Thanks,

/mjt


https://security-tracker.debian.org/tracker/CVE-2017-9060
https://security-tracker.debian.org/tracker/CVE-2017-5578

The notes at the bottom assume virtio gpu doesn't need security patches 
because "1:2.8+dfsg-2 upload reverts enable virtio gpu (virglrenderer) 
and opengl support"


Virtio GPU can be used without virgl 3d accleration. I want to make sure 
security patches for it aren't ignored in the future.

Bug#882296: qemu: please consider security support for virtio GPU

[gregc]

Package: qemu
Version: 1:2.8+dfsg-6
Severity: wishlist

security support for Virtio GPU is marked as unimportant because 
2.8+dfsg-6 doesn't have virgl and opengl support. Virtio GPU can be used 
in 2d mode without virgl 3d accleration, I use it in virt-manager with 
spice (I've been having issues with QXL in guests with newer kernels).