Re: Thoughts on Xen updates in LTS
On Fri, Feb 21, 2020 at 01:37:14PM -0500, Roberto C. Sánchez wrote:
> On Fri, Feb 21, 2020 at 05:56:33PM +0000, Holger Levsen wrote:
> > Roberto,
> >
> > On Fri, Feb 21, 2020 at 12:33:12PM -0500, Roberto C. Sánchez wrote:
> > > I have recently begun working on updates to xen in jessie.
> >
> > have you done this in coordination with credative who were working on that before?
> >
> I did not coordinate with Credativ. In the past, the xen package always
> showed as "claimed" by Credativ in dla-needed.txt. I interpreted the
> presence of xen in dla-needed.txt unclaimed, along with the absence of
> updates over the last 5-6 months, as indication that the work was not
> being done by anyone else.
>
> If I should have coordinated, I apologize. With whom should I
> communicate to ensure that I don't do duplicate work? Or would it be
> better if I simply stopped working on the package?
Even the much more recent 4.8 branch in oldstable is now EOLed, jessie
should definitely be EOLed as well. Security patches for Xen are highly
domain-specific and the security patches are often very complex, is simply
cannot be done without upstream involvement (which led to stretch being
EOLed when that branch was stopped)
Cheers,
Moritz
Reply to: