Bug#964482: buster-pu: xen/4.11.4+24-gddaaccbbab-1~deb10u1
On 7/7/20 9:51 PM, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Tue, 2020-07-07 at 21:16 +0200, Hans van Kranenburg wrote:
>> I'd like to update the xen packages in buster to
>> 4.11.4+24-gddaaccbbab-1~deb10u1 for the 10.5 point release. This is
>> an update to keep following the stable-4.11 upstream Xen code, which
>> mainly contains security fixes.
>>
>> https://salsa.debian.org/xen-team/debian-xen/-/blob/10f1a4a8f15b6748459cd1c826d3808694682faf/debian/changelog
>
> In that case, please attach a source debdiff between the current stable
> package and the proposed package (built and tested on stable) to this
> request.
I can do that. Are you sure you want to read through the upstream
changes in a way that collapses everything and removes the context of
the original git commits with any useful information about whether it's
related to an XSA, or if it's a backport of a critical bug that crashes
systems for our stable users or if it's a commit that really needs to be
included before the security fix will actually work?
I'm trying to run this through the stable release process because
there's an (one) actual packaging change involved.
If we only had upstream changes, we'd do this as a regular security update.
>> I also have 4.11.4+24-gddaaccbbab-1 for unstable ready for upload
>> here.
>> All of it is right now waiting for the upstream testing at the Xen
>> project to finish, which is regression testing the latest additions
>> for todays published security advisories (
>> https://xenbits.xen.org/xsa/,
>> 2020-07-07). But, I'm already sending the request.
>
> It's fine to send the request now, but the unstable upload needs to
> happen first.
That's for sure!
Hans
Reply to: