Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 760654

Summary: app-emulation/qemu-riscv64-bin unmaintained (what is it?)
Product: Gentoo Linux Reporter: Reva Denis <denis7774>
Component: Current packagesAssignee: RISCV project <riscv>
Status: RESOLVED INVALID    
Severity: normal CC: jstein, tamiko, virtualization
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Reva Denis 2020-12-18 16:52:22 UTC
I notice that the package seems to be unmaintained and potentially vulnerable.

And what a hel… What does that package does if there are usual qemu with riscv64 target?

Reproducible: Always
Comment 1 Reva Denis 2020-12-18 16:52:48 UTC
What is purpose of the package?
Comment 2 Jonas Stein gentoo-dev 2020-12-19 14:14:41 UTC
Which vulnerabilities do you mean? Any CVE, or upstream report?
Please add them here, if they are public.
Comment 3 Matthias Maier gentoo-dev 2020-12-19 18:01:03 UTC
The package is maintained.

It simply contains the riscv64 emulator.

It is used by the riscv64 team to create stage-3 images that automatically include an appropriate interpreter to run said images on amd64.

As such security implications are also fairly minimal - the emulator is simply used to emulate binaries for the riscv64 architecture, not to wall off virtualized guests.