Xen says new patch is 'simple and crude' and warns against using it The Xen project has revealed a new bug, XSA-180, but warns its patch for the problem is itself problematic. The bug means that “When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen.” “This output is not rate-limited in any way. The guest can easily cause qemu to print …
What the warning means is that the patch is targeted *only* for deployment within a Xen system; and 1) probably will not be acceptable as-is in the core qemu project ("may not be appropriate for adoption upstream"), and 2) may not actually fix the problem if you're using QEMU outside of a normal Xen system -- for instance, in KVM, or in your own virtualization system ("...or in other contexts").
In other words, this patch is a hack -- a safe and effective one for Xen, but not a long-term solution. Normally we would always try to provide a proper fix, but in this case a proper fix would require changes to the interface, which can't be done effectively in a security update.
The text you quote is a bit unclear; it's difficult sometimes to get every detail just right when you're under time pressure and focusing on trying to get everything else right.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
