Re: RFC: Starting a stable kernel series off the 2.6 kernel

From: Florian Weimer
Date: Mon Dec 05 2005 - 15:59:50 EST

Next message: Kenny Simpson: "Re: nfs unhappiness with memory pressure"
Previous message: Thomas Backlund: "Re: [PATCH] sata_sil: greatly improve DMA handling"
In reply to: Florian Weimer: "Re: RFC: Starting a stable kernel series off the 2.6 kernel"
Next in thread: Arjan van de Ven: "Re: RFC: Starting a stable kernel series off the 2.6 kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Matthias Andree:

> The point that just escaped you as the motivation for this thread was
> the availability of security (or other critical) fixes for older
> kernels. It would all be fine if, say, the fix for CVE-2004-2492 were
> available for those who find 2.6.8 works for them (the fix went into
> 2.6.14 BTW), and the concern is the development model isn't fit to
> accomodate needs like this.

Well, if there's a CVE name, the proper patch isn't *that* far away
(someone has already done a bit of work to isolate the fix). The real
issue seems to be how to make sure that CVE names are assigned during
the kernel development process (and not just as an afterthought by the
security folks).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kenny Simpson: "Re: nfs unhappiness with memory pressure"
Previous message: Thomas Backlund: "Re: [PATCH] sata_sil: greatly improve DMA handling"
In reply to: Florian Weimer: "Re: RFC: Starting a stable kernel series off the 2.6 kernel"
Next in thread: Arjan van de Ven: "Re: RFC: Starting a stable kernel series off the 2.6 kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]