[Users] Debian openvz kernel package security update policy ?

[Benoit Branciard]

We are using openVZ on Debian Etch, and are going to start some 
virtalized production servers.

We are using precompiled 2.6.18 openVZ kernel packages, either from 
download.openvz.org/debian or debian.systs.org repositories, currently:

linux-image-2.6.18-fza-028stab051.1-686 (from debian.systs.org)
linux-image-2.6.18-openvz-18-51.3d2-686 (from openvz.org)

Question is: how are these packages security-maintained ? Are all 
security-related Debian updates backported to them ?

If not, what is the recommended way to maintain a production kernel ? 
getting the latest Debian Etch source, applying an openVZ patch (which 
?) and manually compile ?

By the way, what is the naming scheme for these packages ? The version 
suffix appears quite unclear, so identifying the latest version is quite 
difficult. The most effective solution appears to manually read the 
modification time of the files on the repository, which is not very 
convenient.

-- 
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.