Call for testing to qemu -sandbox users

Simon Deziel simon at
Wed Sep 5 13:26:35 UTC 2018

Hi Christian,

On 2018-09-05 01:56 AM, Christian Ehrhardt wrote:
> Hi,
> TL;DR: If you enabled -sandbox in your Bionic qemu, please test the PPA [2]
> Details:
> There is a CVE [1] which we fixed in Cosmic [3], but are unsure to backport
> to Bionic.
> Reasons for that are:
> - there is some regression risk associated which we want to minimize
> - the sandbox feature it fixes is not enabled by default on Bionic (it is
> in Cosmic)
> Per discussion between me and the security Team there are two things gating
> the backport of this to Bionic.
> 1. We'd want to know if anybody actually enables -sandbox explicitly in
> Bionic?

I use -sandbox on Bionic and Xenial. I also used it on Trusty but have
since decommission/upgrade those machines.

> 2. if so, it would be great if one of those with a real case could do a
> verification based on the ppa [2]

Testing went well so thanks and please proceed with SRU for Bionic.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the ubuntu-server mailing list