[Pkg-xen-devel] Xen 4.11 Security-Support ended

Hans van Kranenburg hans at knorrie.org
Mon Jul 12 19:17:58 BST 2021


Hi all,

Last Saturday, Jul 10, upstream security support for Xen 4.11 ended [0].

---- >8 ----
Xen-Version: 4.11
Initial-Release: 2018-07-10
Supported-Until: 2020-01-10
Security-Support-Until: 2021-07-10
---- >8 ----

This means that there will be no further updates for Xen in Debian Buster.

Yes, this is a bit awkward because the Bullseye release did not happen
yet. The major culprit is the fact that the alignment of the Debian and
Xen releases result in a kind of worst case scenario.

I can highly recommend to review the Bullseye release critical bug list
and upgrade now, if not done already.

I just uploaded the current state of Xen 4.14 to Debian unstable
(4.14.2+25-gb6a8c4f72d-1) [1]. It's not intended to go into testing, I'm
not going to file an unblock request.

Feel free to grab the packages for Xen 4.14 from Debian unstable for
security updates until the Bullseye release happens. (Note that, if
Bullseye was already released, this would go in as
4.14.2+25-gb6a8c4f72d-1~deb11u1)

My next 2 todo items for Debian Xen are
- reviewing recently active bugs in the BTS
- sending an email with thoughts about what can be done in the next two
years, and asking who wants to help.

Don't hesitate to ask questions if needed, about the above. For ideas
about things for Bullseye+1, please wait a bit for the other mail
thread, or #debian-xen on OFTC is of course always a good place to be.

Have fun,
Hans

[0] https://xenbits.xen.org/docs/4.11-testing/SUPPORT.html#release-support
[1]
https://salsa.debian.org/xen-team/debian-xen/-/tags/debian%2F4.14.2+25-gb6a8c4f72d-1



More information about the Pkg-xen-devel mailing list