(Opening a new thread to clarify topic.) Brian, I have tested the packages you have proided here:
https://people.debian.org/~bam/wheezy/xen/amd64/ They seem to hold, although I have yet to test them in production. One thing I noticed is that they don't seem to fix CVE-2015-8104 and CVE-2015-5307, ie. that the patches you posted in <[email protected]> were not factored into the package. That would seem to be important (and maybe we could push those back towards the Ubuntu folks as well). I think that, with those two patches, the Xen packages would be up to date in Wheezy! Security team: can we get your go for a DSA on those? I'd send a debdiff first of course. Brian: should I go ahead and build that myself or do you want to followup on Xen yourself? A. -- Uncompromising war resistance and refusal to do military service under any circumstances. - Albert Einstein
