oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak

From: Jean Luc Picard <atari2600a () gmail com>
Date: Tue, 3 Oct 2023 15:02:41 -0700
Hi, just dropping in, is this the kind of thing to where the userspace &
kernel layers need mitigation until there's microcode mitigation?  There's
bound to be more of these issues cropping up now that cstates are finally
working, meaning more people will daily-drive rather than homelab.

On Tue, Oct 3, 2023 at 2:46 PM Jeremy Stanley <fungi () yuggoth org> wrote:


On 2023-10-03 22:37:08 +0100 (+0100), Andrew Cooper wrote:
[...]

If you have a proposal for how you'd prefer it to be done, I'll see what
I can do.  Perhaps BCC oss-security, or just send out a second mail?


When I send advisories, I prepare two basically identical E-mail
messages: one to the project's announcement list and one to
oss-security (signing both of them). It seems like this is the most
common approach to avoiding cross-posting between lists.
--
Jeremy Stanley
Previous By Date Next
Previous By Thread Next

Current thread: