> On Mar 9, 2018, at 9:26 AM, Ed Maste <ema...@freebsd.org> wrote: > > On 8 March 2018 at 21:57, Kubilay Kocak <ko...@freebsd.org> wrote: >> On 9/03/2018 8:57 am, Ed Maste wrote: >>> On 15 January 2018 at 13:37, Tycho Nightingale <tyc...@freebsd.org> wrote: >>>> Author: tychon >>>> Date: Mon Jan 15 18:37:03 2018 >>>> New Revision: 328011 >>>> URL: https://svnweb.freebsd.org/changeset/base/328011 >>>> >>>> Log: >>>> Provide some mitigation against CVE-2017-5715 by clearing registers >>>> upon returning from the guest which aren't immediately clobbered by >>>> the host. This eradicates any remaining guest contents limiting their >>>> usefulness in an exploit gadget. >>> >>> Will you MFC this to stable/11? >> >> Mitigations and related MFC's and SA's, etc for vulnerabilities, are >> presumably all being coordinated and handled by secteam, with associated >> (explicit) messaging when fixes don't apply to particular >> branches/versions, no? > > Embargoed patches to address specific security vulnerabilities are > handled by secteam, and are committed to all branches simultaneously. > > For cases like this, where it's a mitigation or other improvement that > is already committed to CURRENT, it's best if the domain expert / > original committer handles the merge. That said, I'm happy to take > care of the merge if desired.
No worries, I will merge this and r329162 too. Tycho _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"