Johnny Hughes
2017-Nov-28 16:11 UTC
[CentOS-virt] 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
Kevin has been rolling back the security updates to the 4.4 branch. He has been working with some of the other distros (debian for sure, and some others on the xen security list). I think it is his intention to continue this for as long as he is able to. (Kevin, chime in if you have a schedule lifetime or EOL in mind) As long as Kevin (or anyone else) maintains the tree, I am happy to build them into the repos. On 11/28/2017 07:38 AM, Pasi K?rkk?inen wrote:> Hi, > > On Wed, Aug 23, 2017 at 04:02:46PM -0500, Kevin Stange wrote: >> Xen 4.4.4 along with kernel 4.9.44 containing patches for XSAs (226 - >> 230) from August 15th are now available in centos-virt-testing. If >> possible, please test and provide feedback here so we can move these to >> release soon. >> >> XSA-228 did not affect Xen 4.4 >> XSA-229 only applies to the kernel >> >> XSA-235 disclosed today only affects ARM and isn't going to be added to >> these packages. >> > > Thanks for updating the Xen 4.4 branch! Are you still planning for additional updates there? > > > -- Pasi > >> >> -- >> Kevin Stange >> Chief Technology Officer >> Steadfast | Managed Infrastructure, Datacenter and Cloud Services >> 800 S Wells, Suite 190 | Chicago, IL 60607 >> 312.602.2689 X203 | Fax: 312.602.2688 >> kevin at steadfast.net | www.steadfast.net > _______________________________________________ > CentOS-virt mailing list > CentOS-virt at centos.org > https://lists.centos.org/mailman/listinfo/centos-virt >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20171128/ca518cb1/attachment-0002.sig>
Kevin Stange
2017-Nov-28 17:24 UTC
[CentOS-virt] 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
On 11/28/2017 10:11 AM, Johnny Hughes wrote:> Kevin has been rolling back the security updates to the 4.4 branch. He > has been working with some of the other distros (debian for sure, and > some others on the xen security list). > > I think it is his intention to continue this for as long as he is able > to. (Kevin, chime in if you have a schedule lifetime or EOL in mind) > > As long as Kevin (or anyone else) maintains the tree, I am happy to > build them into the repos. > > On 11/28/2017 07:38 AM, Pasi K?rkk?inen wrote: >> Hi, >> >> On Wed, Aug 23, 2017 at 04:02:46PM -0500, Kevin Stange wrote: >>> Xen 4.4.4 along with kernel 4.9.44 containing patches for XSAs (226 - >>> 230) from August 15th are now available in centos-virt-testing. If >>> possible, please test and provide feedback here so we can move these to >>> release soon. >>> >>> XSA-228 did not affect Xen 4.4 >>> XSA-229 only applies to the kernel >>> >>> XSA-235 disclosed today only affects ARM and isn't going to be added to >>> these packages. >>> >> >> Thanks for updating the Xen 4.4 branch! Are you still planning for additional updates there?I will be continuing to attempt to support 4.4 backports as long as I still have Xen 4.4 running in my own production environment, which will be until at least early 2018, but probably longer. I am currently in early testing for migrating to newer Xen, but it's not close to ready yet. I should have a release containing XSA-246 and XSA-247 in the testing repo later today, which will come up as version 4.4.4-32. I wish I could provide more concrete EOL for planning purposes. Obviously, if you have the option to migrate to Xen 4.6 or later (4.5 is EOL in a few months) that's a good plan for a number of reasons. I expect we'll see Xen 4.8 in the SIG repos before too long as well. -- Kevin Stange Chief Technology Officer Steadfast | Managed Infrastructure, Datacenter and Cloud Services 800 S Wells, Suite 190 | Chicago, IL 60607 312.602.2689 X203 | Fax: 312.602.2688 kevin at steadfast.net | www.steadfast.net
Johnny Hughes
2017-Nov-28 22:54 UTC
[CentOS-virt] 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
On 11/28/2017 11:24 AM, Kevin Stange wrote:> On 11/28/2017 10:11 AM, Johnny Hughes wrote: >> Kevin has been rolling back the security updates to the 4.4 branch. He >> has been working with some of the other distros (debian for sure, and >> some others on the xen security list). >> >> I think it is his intention to continue this for as long as he is able >> to. (Kevin, chime in if you have a schedule lifetime or EOL in mind) >> >> As long as Kevin (or anyone else) maintains the tree, I am happy to >> build them into the repos. >> >> On 11/28/2017 07:38 AM, Pasi K?rkk?inen wrote: >>> Hi, >>> >>> On Wed, Aug 23, 2017 at 04:02:46PM -0500, Kevin Stange wrote: >>>> Xen 4.4.4 along with kernel 4.9.44 containing patches for XSAs (226 - >>>> 230) from August 15th are now available in centos-virt-testing. If >>>> possible, please test and provide feedback here so we can move these to >>>> release soon. >>>> >>>> XSA-228 did not affect Xen 4.4 >>>> XSA-229 only applies to the kernel >>>> >>>> XSA-235 disclosed today only affects ARM and isn't going to be added to >>>> these packages. >>>> >>> >>> Thanks for updating the Xen 4.4 branch! Are you still planning for additional updates there? > > I will be continuing to attempt to support 4.4 backports as long as I > still have Xen 4.4 running in my own production environment, which will > be until at least early 2018, but probably longer. I am currently in > early testing for migrating to newer Xen, but it's not close to ready > yet. I should have a release containing XSA-246 and XSA-247 in the > testing repo later today, which will come up as version 4.4.4-32. > > I wish I could provide more concrete EOL for planning purposes. > Obviously, if you have the option to migrate to Xen 4.6 or later (4.5 is > EOL in a few months) that's a good plan for a number of reasons. I > expect we'll see Xen 4.8 in the SIG repos before too long as well. >I would suggest that if there is anyone out there who wants to keep using Xen-4.4 on CentOS-6 that, and you have the ability to backport the 4.5 or 4.6 patches to xen-4.4, you get with Kevin and learn the process so that you can keep the 4.4 branch going .. otherwise it will go EOL when Kevin stops maintaining it. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20171128/bc94932f/attachment-0002.sig>
Seemingly Similar Threads
- 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
- 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
- 4.4.4-26 with XSA-226, 227, 230 in centos-virt-testing
- Xen-44 Package Updates for XSAs up to XSA-235
- Xen updates in the Testing Repo for XSA-207 and XSA-208