Hi Tim, et al, We (Time Warner Cable) will be doing a live-migration (L-M) of all instances one the QEMU package is upgraded. That will start new QEMU instances on the target host allowing us to vacate the source host. We may roll in a kernel upgrade due to another security vulnerability at the same time. I'm doing a Show and Tell in YVR about the topic of L-Ms and this topic now has its own slide. On Wed, May 13, 2015 at 8:31 AM, Tim Bell <Tim.Bell at cern.ch> wrote: > > > Looking through the details of the Venom vulnerability, > https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/, it > would appear that the QEMU processes need to be restarted. > > > > Our understanding is thus that a soft reboot of the VM is not sufficient > but a hard one would be OK. > > > > Some quick tests have shown that a suspend/resume of the VM also causes a > new process. > > > > How are others looking to address this vulnerability ? > > > > (I guess the security session will have a few extra people signing up in > Vancouver now...) > > > > Tim > > > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150513/39078a2f/attachment.html>