Bug#723641: pu: package xen/4.1.4-5

["Thijs Kinkhorst" <thijs@debian.org>]

On Sun, September 22, 2013 23:34, Bastian Blank wrote:
> On Sun, Sep 22, 2013 at 09:58:54PM +0100, Adam D. Barratt wrote:
>> On Wed, 2013-09-18 at 14:06 +0200, Bastian Blank wrote:
>> > There are several CVE pending for Xen, plus some embargoed ones.  This
>> > fixes all publicly ones that have fixes.
>> Could we have a debdiff, rather than just the changelog please?
>
> If you insist. But don't cry that it is large.
>
>>                                                                 Have the
>> security team confirmed that they don't plan to issue DSAs for these
>> issues?
>
> I made it clear that no uploads to -security will come from me.  And
> most of this CVE are open for four or five months.

Do you have a message ID for me? I'd rather try to see what the problems
with the wheezy-security route are and how we can resolve them, rather
than try to work around them via pu.


Cheers,
Thijs