[CentOS-virt] Xen Security patching

Sat Jun 7 18:21:35 UTC 2014
Chris Elliott <chris at chriselliott.info>

When are the kernel and xen RPM’s going to be updated again?

I can’t see anything in the RC tree since April and there are a fair number of XSA’s + kernel patches in 3.10 since.

Thanks
Chris

On 23 Nov 2013, at 15:52, Johnny Hughes <johnny at centos.org<mailto:johnny at centos.org>> wrote:

On 11/23/2013 09:37 AM, Johnny Hughes wrote:
On 11/23/2013 06:33 AM, Johnny Hughes wrote:
On 11/23/2013 06:24 AM, Johnny Hughes wrote:
On 11/22/2013 01:12 PM, Chris Elliott wrote:
Hi Guys

When is the next update of Hypervisor packages going to be released?

There appears to be no changes to the main hypervisor RPMs since
September (Even in the BETA / RC1 tree) and there are 5+ Xen Security
Advisories with patches which need to be added.

“Security issues are handled and released in sync with public
disclosure upstream with zero lag”

I can rebuild my own, but that’s not really the point. In other news
I’ve been doing some testing of the 3.10 kernel and so far so good!

That is not true ...

I updated testing RPMS into the rc1 tree and announced it here:

http://lists.centos.org/pipermail/centos-virt/2013-November/003485.html

If I can get at least one or 2 people to tell me this works, I'll push it.

Thanks,
Johnny Hughes
By not true, I mean that all XSAs that are applicable up to xsa-72 are
in the xen-4.2.3-24 RPMS in the RC1 repo right now. I have gotten 0
feedback since I released them. (xsa-62 through xsa-72)

xsa-73, xsa-75, xsa-78 can be released now, but they are very new.
OK, a newer version of xen-4.2.3-25 now exists in xen-RC-1 ... this
includes xsa-73, xsa-75, and xsa-78

Please test and provide feedback so we can move these to production.


I have just updated my production xen dom0 machines to this version, and
I am not seeing any issues. I don't necessarily recommend that for
everyone, but can we get some feedback from xen4centos6 users so we can
move these to production.

The repo is at for those who need the info:

http://dev.centos.org/centos/6/xen-c6-RC1/


Thanks,
Johnny Hughes


<signature.asc>_______________________________________________
CentOS-virt mailing list
CentOS-virt at centos.org<mailto:CentOS-virt at centos.org>
http://lists.centos.org/mailman/listinfo/centos-virt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20140607/1d4b2190/attachment-0002.html>