Re: [CentOS-virt] 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing

[Johnny Hughes]

On 11/28/2017 11:24 AM, Kevin Stange wrote:
> On 11/28/2017 10:11 AM, Johnny Hughes wrote:
>> Kevin has been rolling back the security updates to the 4.4 branch.  He
>> has been working with some of the other distros (debian for sure, and
>> some others on the xen security list).
>>
>> I think it is his intention to continue this for as long as he is able
>> to. (Kevin, chime in if you have a schedule lifetime or EOL in mind)
>>
>> As long as Kevin (or anyone else) maintains the tree, I am happy to
>> build them into the repos.
>>
>> On 11/28/2017 07:38 AM, Pasi Kärkkäinen wrote:
>>> Hi,
>>>
>>> On Wed, Aug 23, 2017 at 04:02:46PM -0500, Kevin Stange wrote:
 Xen 4.4.4 along with kernel 4.9.44 containing patches for XSAs (226 -
 230) from August 15th are now available in centos-virt-testing.  If
 possible, please test and provide feedback here so we can move these to
 release soon.

 XSA-228 did not affect Xen 4.4
 XSA-229 only applies to the kernel

 XSA-235 disclosed today only affects ARM and isn't going to be added to
 these packages.

>>>
>>> Thanks for updating the Xen 4.4 branch! Are you still planning for 
>>> additional updates there? 
> 
> I will be continuing to attempt to support 4.4 backports as long as I
> still have Xen 4.4 running in my own production environment, which will
> be until at least early 2018, but probably longer.  I am currently in
> early testing for migrating to newer Xen, but it's not close to ready
> yet.  I should have a release containing XSA-246 and XSA-247 in the
> testing repo later today, which will come up as version 4.4.4-32.
> 
> I wish I could provide more concrete EOL for planning purposes.
> Obviously, if you have the option to migrate to Xen 4.6 or later (4.5 is
> EOL in a few months) that's a good plan for a number of reasons.  I
> expect we'll see Xen 4.8 in the SIG repos before too long as well.
> 

I would suggest that if there is anyone out there who wants to keep
using Xen-4.4 on CentOS-6 that, and you have the ability to backport the
4.5 or 4.6 patches to xen-4.4, you get with Kevin and learn the process
so that you can keep the 4.4 branch going .. otherwise it will go EOL
when Kevin stops maintaining it.



signature.asc
Description: OpenPGP digital signature
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing

[Pasi Kärkkäinen]

Hi,

On Wed, Aug 23, 2017 at 04:02:46PM -0500, Kevin Stange wrote:
> Xen 4.4.4 along with kernel 4.9.44 containing patches for XSAs (226 -
> 230) from August 15th are now available in centos-virt-testing.  If
> possible, please test and provide feedback here so we can move these to
> release soon.
> 
> XSA-228 did not affect Xen 4.4
> XSA-229 only applies to the kernel
> 
> XSA-235 disclosed today only affects ARM and isn't going to be added to
> these packages.
>

Thanks for updating the Xen 4.4 branch! Are you still planning for additional 
updates there? 


-- Pasi

> 
> -- 
> Kevin Stange
> Chief Technology Officer
> Steadfast | Managed Infrastructure, Datacenter and Cloud Services
> 800 S Wells, Suite 190 | Chicago, IL 60607
> 312.602.2689 X203 | Fax: 312.602.2688
> ke...@steadfast.net | www.steadfast.net
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt