[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Xen 4.4 updates vs. Xen Stretch backport

Hi Peter,

On Thu, Dec 06, 2018 at 12:35:32PM +0100, Peter Dreuw wrote:
> Hi Holger, hi all,

I've re-added the debian-lts list...

> On 05.12.18 18:58, Holger Levsen wrote:
> > yes, we should fix what's (sensibly) possible to fix in xen 4.4.
> >
> > So Peter, please go ahead and backport as much as you can, while updating
> > us (me or this list) on estimates as you get a better understanding of the work
> > required. 
> ok.


> > I assume it might also be a good idea if'd summarize the state
> > of the various (CVE) issues in NOTEs in data/dla-needed.txt in
> > security-tracker.git so that it's clearly visible in one location what
> > the status of backporting these fixes is. That information is also in
> > the mails of this thread, but that's not easy to find.
> I don't know the security-tracker.git and have no idea how to do this,
> sorry. I might pass this to colleagues, but they are very busy, currently.

no problem and don't worry, no need to bother busy colleages, the file
in the security-tracker I meant is
and if you look at it you will see many NOTE entries for other packages,
but none for xen (at the bottom), while it would be great to report the 
status of the xen update there.

Assuming (*) you will continue to work on xen DLAs: please apply to become
a project member of https://salsa.debian.org/security-tracker-team/ so
that you can push your commits directly. Until you are accepted (which
should be a matter of hours or very few days) I'll be glad to merge
patches from you sent to me via email or some such.

(*) not 100% sure how credativ works on LTS...

> I will keep you informed here on the list about my progress.

great, thank you!


       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Attachment: signature.asc
Description: PGP signature

Reply to: