On Wed, 2019-05-15 at 13:59 +0200, Thomas Goirand wrote: > Hi, > > Probably Ben will reply to this one... > > Is it planned to upgrade intel-microcode and the kernel in Jessie, > regarding CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091? I plan to update linux, and I have backported the mitigation to 3.16. However I will need to do more testing of this before uploading, and will probably wait until it has been through the stable review process. I have already uploaded linux-4.9 to match the stable security update. I expect that Henrique will handle the intel-microcode update as he has done before. Note that stable branches older than 4.9 are not getting the speculation mitigations for KVM, and should not be used with untrusted guests (at least on Intel hardware). Ben. -- Ben Hutchings To err is human; to really foul things up requires a computer.
Attachment:
signature.asc
Description: This is a digitally signed message part