| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f25bc125-a013-4c43-b67d-09512786ae90@redhat.com> Date: Thu, 29 Feb 2024 21:53:43 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Theodore Ts'o <tytso@....edu> Cc: Greg KH <gregkh@...nel.org>, cve@...nel.org, linux-kernel@...r.kernel.org, KVM list <kvm@...r.kernel.org>, Vitaly Kuznetsov <vkuznets@...hat.com> Subject: Re: CVE-2021-46978: KVM: nVMX: Always make an attempt to map eVMCS after migration On 2/29/24 15:34, Theodore Ts'o wrote: > On Thu, Feb 29, 2024 at 11:04:45AM +0100, Paolo Bonzini wrote: >> Also, LKML does not get the initial announcement, which makes it a bit >> more painful to find the full discussion on lore (you have to go >> through a "no message with that id, maybe you mean this one from other >> mailing lists" page, instead of having the whole thread in the same >> place). A linux-cve mailing list with public posting, used for Cc and >> Reply-to of the initial message, would solve this issue as well. > > I believe the url https://lore.kernel.org/all/<message-id> will get > the whole thread, regardless of which mailing lists individual mail > messages were sent to, does it not? Yes, it does. That covers the web interface but it still leaves out subscribers and people reading via NNTP. That said, I'm not sure why people who look at CVEs for a living should not have their own lighter-traffic mailing list, which was the main reason to have a linux-cve mailing list. Paolo
Powered by blists - more mailing lists