[Pkg-xen-devel] Bug#861660: Xen package security updates for jessie 4.4, XSA-213, XSA-214
Moritz Muehlenhoff
jmm at inutil.org
Thu May 4 17:25:41 UTC 2017
On Thu, May 04, 2017 at 06:19:07PM +0100, Ian Jackson wrote:
> Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"):
> > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote:
> > > Should I put jessie-security in the debian/changelog and dgit push it
> > > (ie, from many people's pov, dput it) ?
> >
> > Yes, the distribution line should be jessie-security, but please send
> > a debdiff to team at security.debian.org for a quick review before
> > uploading (I have no idea whether dgit supports security-master).
>
> I'll send you a debdiff, thanks. I guess I'll find out whether dgit
> does work or not.
>
> I need to check the armhf build, since there are conflicts there. I
> don't think I can conveniently test the armhf version.
You mean CVE-2016-9815-CVE-2016-9818? We can simply leave them unfixed/ignored
I guess, it's not that there's any arm-based cloud hosting companies
running jessie on arm :-)
Cheers,
Moritz
More information about the Pkg-xen-devel
mailing list