WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Xen 3.1.3 and Linux Kernel 2.6.18.8

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] Xen 3.1.3 and Linux Kernel 2.6.18.8
From: "S.Çağlar Onur" <caglar@xxxxxxxxxxxxx>
Date: Tue, 15 Jan 2008 23:41:39 +0200
Delivery-date: Tue, 15 Jan 2008 13:42:25 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <478D0A69.8020605@xxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: TÜBİTAK / UEKAE
References: <478D0A69.8020605@xxxxxxxxxxxx>
Reply-to: caglar@xxxxxxxxxxxxx
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.6 (enterprise 0.20071204.744707)
Hi;

15 Oca 2008 Sal tarihinde, Joshua West şunları yazmıştı: 
> Currently, linux kernel 2.6.18 is used for Xen 3.1.x.
>
> Would it be possible (or advisable) to make kernel 2.6.18.8 the default
> for Xen 3.1.3 - just as it was done with the Xen 3.0.x branch and
> kernels like 2.6.16.26 & 2.6.16.33?  There are quite a few security (and
> regular) bugs fixed in the 2.6.18.x point releases.

As i wrote long ago to list, just upgrading to plain .8 not solves all 
security related issues of 2.6.18.x kernels, for example Pardus Xen packages 
currently top on .8 and we still have lots of CVEish patches in our package 
[1].

Please do not misunderstand but i really recommend stick with your distro 
packages instead of xensource provided ones if you care about security. 

[1] 
http://svn.pardus.org.tr/pardus/devel/kernel-xen/dom0/kernel-dom0/files/CVE/
http://svn.pardus.org.tr/pardus/devel/kernel-xen/domU/kernel-domU/files/CVE/

Cheers
-- 
S.Çağlar Onur <caglar@xxxxxxxxxxxxx>
http://cekirdek.pardus.org.tr/~caglar/

Linux is like living in a teepee. No Windows, no Gates and an Apache in house!

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel