[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen Project Security Whitepaper v1 is ready for community review



>>> On 24.05.18 at 16:14, <lars.kurth@xxxxxxxxxx> wrote:
> How many bug-fixes vs. XSAs are typically in a stable branch? I was under 
> the impression that historically, the vast majority used to be XSAs with very 
> few backports.
> However, this year this has really changed because Spectre and Meltdown 
> related fixes were developed in public and they look like feature backports
> Which is why we see more of these issues

The ratio may vary, but I think it has always been more non-security than
security fixes, at least for as long as I've been stable branch maintainer.
It otherwise also wouldn't make much sense to distinguish between fully
maintained branches and ones in security-only maintenance mode.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.