[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Thoughts on Xen updates in LTS



On 22/02/2020 00:31, Roberto C. Sánchez wrote:
> On Fri, Feb 21, 2020 at 11:24:02PM +0000, Holger Levsen wrote:
>> Hi Roberto,
>>
>> besides what Moritz said...
>>
>> On Fri, Feb 21, 2020 at 01:37:14PM -0500, Roberto C. Sánchez wrote:
>>>> have you done this in coordination with credative who were working on that before?
>>> I did not coordinate with Credativ.  In the past, the xen package always
>>> showed as "claimed" by Credativ in dla-needed.txt.  I interpreted the
>>> presence of xen in dla-needed.txt unclaimed, along with the absence of
>>> updates over the last 5-6 months, as indication that the work was not
>>> being done by anyone else.
>> right, i'm not sure why Credativ was removed from this entry, cc:ing 
>> Waldi for clarification.
>>
>>> If I should have coordinated, I apologize.  
>> I just checked the lts git repo and the security tracker one, and there was 
>> no trace indicating that credativ was working on this, so I don't think 
>> an apology is needed/warranted here..
>>
> Cool.  I'm glad I didn't overlook something along the way.
>
>>> With whom should I
>>> communicate to ensure that I don't do duplicate work?  Or would it be
>>> better if I simply stopped working on the package?
>>  
>> I think Moritz has a point when he said what he said...
>>
> I agree.  I suspect that I would have arrived at that same conclusion
> after looking at a few more of the pending vulnerabilities.  Since he
> has now saved me the trouble (thanks Moritz), tomorrow I will start the
> process of making Xen in jessie EOL.
>
> I will check back with the list members before I commit/push anything
> related to that.

Since credativ has been delegated Xen support (see
README.external-support), I would ask them to do that themselves and
hence clarify their plans.
They probably aren't reading this list.

My $0.02.

Cheers!
Sylvain


Reply to: