[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Should we have a 2.0-rc3 ?
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] Should we have a 2.0-rc3 ? |
Date: |
Sat, 12 Apr 2014 20:55:57 +0300 |
On Sat, Apr 12, 2014 at 06:50:49PM +0100, Peter Maydell wrote:
> On 12 April 2014 18:48, Michael S. Tsirkin <address@hidden> wrote:
> > On Sat, Apr 12, 2014 at 12:48:41PM +0400, Michael Tokarev wrote:
> >> 11.04.2014 21:37, Peter Maydell wrote:
> >> > * vmxnet3 patches
> >>
> >> I think this is not dangerous to go in before 2.0. We wont have more
> >> testing even if it were applied much earlier, because this device is
> >> rather exotic in qemu world and isn't used often. On the other hand,
> >> having less CVE IDs for a release is good, in my opinion.
> >
> > The CVE in question deal with malicious state loading.
>
> I meant patches 1 and 2; I agree that the malicious state loading
> fixes are not interesting for 2.0.
>
> thanks
> -- PMM
Yes, I agree with these ones.