[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: About 'qemu-security' mailing list
From: |
Peter Maydell |
Subject: |
Re: About 'qemu-security' mailing list |
Date: |
Mon, 14 Sep 2020 10:30:14 +0100 |
On Mon, 14 Sep 2020 at 09:55, Daniel P. Berrangé <berrange@redhat.com> wrote:
> Do we think the current QEMU security process is working well for the
> community as a whole in terms of our downstream consumers learning about
> security flaws in an appropriate timeframe and manner ?
That sounds like a question we should be asking our distro contacts,
not guessing at amongst ourselves :-)
Personally, my view is that our current security process is
absolutely useless for anybody who isn't either (a) a distro
(b) using their distro's packaged QEMU (c) big enough to
effectively be acting as their own distro by tracking CVE
announcements and applying patches by hand -- because we don't
produce timely new upstream releases with security fixes.
So unless we want to change that, I think the key question
is "does this process work for the distros?", and I'm happy
if we make adjustments to fix whatever their problems with it
might be.
thanks
-- PMM
- About 'qemu-security' mailing list, P J P, 2020/09/11
- Re: About 'qemu-security' mailing list, Li Qiang, 2020/09/11
- Re: About 'qemu-security' mailing list, Alexander Bulekov, 2020/09/11
- Re: About 'qemu-security' mailing list, Daniel P . Berrangé, 2020/09/11
- Re: About 'qemu-security' mailing list, Peter Maydell, 2020/09/11
- Re: About 'qemu-security' mailing list, Philippe Mathieu-Daudé, 2020/09/14
- Re: About 'qemu-security' mailing list, Daniel P . Berrangé, 2020/09/14
- Re: About 'qemu-security' mailing list,
Peter Maydell <=
- Re: About 'qemu-security' mailing list, Stefan Hajnoczi, 2020/09/14
- Re: About 'qemu-security' mailing list, P J P, 2020/09/15
- Re: About 'qemu-security' mailing list, Stefan Hajnoczi, 2020/09/16
- Re: About 'qemu-security' mailing list, Peter Maydell, 2020/09/16
- Re: About 'qemu-security' mailing list, Daniel P . Berrangé, 2020/09/16
- Re: About 'qemu-security' mailing list, Thomas Huth, 2020/09/16
- Re: About 'qemu-security' mailing list, Daniel P . Berrangé, 2020/09/16
- Re: About 'qemu-security' mailing list, P J P, 2020/09/18
- Re: About 'qemu-security' mailing list, P J P, 2020/09/30
- Re: About 'qemu-security' mailing list, Darren Kenny, 2020/09/30