Re: [Xen-devel] Xen Project Security Whitepaper v1 is ready for community review

[Steven Haigh <netwiz@xxxxxxxxx>]

On Tuesday, 22 May 2018 8:11:38 PM AEST Jan Beulich wrote:
> >>> On 18.05.18 at 19:53, <marmarek@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> > Alternative workaround for this would be more frequent point releases by
> > default (maybe with ability to delay it very few commits are queued).
> > For example every 3 months. It wouldn't solve all the cases, but I think
> > will make it easier most of the time.
> 
> Is every 3 months so much better than every 4 months? Granted we
> basically never manage to make it exactly 4 months, but on the average
> I think we're not too far off.

I think the big thing is reducing the delta between the staging branch and the 
release. I can only assume that would reduce the number of issues that occur 
with patching vs release tarballs - hopefully making the security teams job a 
little easier.

That being said, if an approach of releasing a new build when we come across 
broken patch sets for XSAs (like the current 4.9.1 vs XSAs, and prior 4.10.0 
vs XSAs), then I think this part becomes irrelevant.

-- 
Steven Haigh

📧 netwiz@xxxxxxxxx       💻 https://www.crc.id.au
📞 +61 (3) 9001 6090    📱 0412 935 897

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel