On 10/30/2015 02:59 AM, jsegitz@suse.de wrote:
On Thu, Oct 29, 2015 at 05:30:08PM -0700, PGNet Dev wrote:
Where's this security patch in the package tree?
The issues were under embargo until yesterday. Up until now we didn't receive openSUSE submission. I asked the maintainer to provide submits.
Johannes
According to http://www.xenproject.org/security-policy.html In addition to CentOS, Debian, Gentoo, Mageia, Ubuntu ... both Novell, Suse are on the Xen pre-disclosure list. It's not clear to me why Opensuse is not. Obviously Suse 'knew'. Can that be fixed so that unnecessary periods of security exposure on production machines, specifically in the case of well communicated pre-disclosure, can be avoided in the future? Simply, Opensuse should be on that list and similarly responsive. -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org