RE: [Xen-users] Xen branches

["Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>]

 

---

From: Greg Woods [mailto:woods@xxxxxxxx]
Sent: Tue 20/07/2010 15:08
To: Jonathan Tripathy
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xen-users] Xen branches

On Tue, 2010-07-20 at 15:01 +0100, Jonathan Tripathy wrote:
>

>  what I see on my CentOS 5.5 boxes is 3.0.3 (plus
> patches and fixes from Red Hat).
>
> -------------------------------------------------------------------------------------------------
>
> And is this safer than using 3.4.3 from Gitco?

I never heard of Gitco so I have no way of knowing. I trust Red Hat to
keep security fixes in place and to keep Xen working as long as they
have committed to support RHEL 5 (at least another 4 years), and I trust
the CentOS people to bring those fixes forward as long as Red Hat keeps
producing them. My experience is that this normally happens in a fairly
timely manner, but that is by my definition of "timely" which is based
on our risk factors here which are bound to be different than yours.

You will have to decide for yourself whether you trust Gitco to do the
same. You seem to be looking for someone to say "this way is better",
but it likely won't happen. You have to evaluate it based on your own
needs and experience.

--Greg

--------------------------------------------------------------------------------------------------------

 

What I am trying to understand is the patch release cycle for the different versions of Xen. I know for a fact that the versions from Gitco are simply RPMs built directly from xen.org. So what I am asking, is that are the Red Hat versions of Xen more "up-to-date", regarding security fixes, than the source directly from xen.org? Or maybe Red Hat commit their fixes to xen.org as well, so their patches eventually end up in the xen.org version?

 

Thanks

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users