Gentoo Archives: gentoo-kernel

From: Greg KH <gregkh@g.o>
To: gentoo-kernel@l.g.o
Subject: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT)
Date: Thu, 16 Mar 2006 17:30:37
Message-Id: 20060316173013.GA5974@kroah.com
In Reply to: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT) by Tim Yamin
On Thu, Mar 16, 2006 at 02:59:56AM +0000, Tim Yamin wrote:
> On Wed, Mar 15, 2006 at 04:43:18PM -0800, Greg KH wrote: > > On Wed, Mar 15, 2006 at 11:31:01PM +0000, John Mylchreest wrote: > > > 3. Genpatches-Base Support > > > > > > For as long as there is a kernel package in the tree using genpatches, > > > the corresponding genpatches-base will be maintained from a security > > > point of view. Announcements for each update follow the normal > > > procedure, however there is a caveat. Kernel sources which use > > > genpatches should not lapse more than 2 minor releases from upstream. > > > IE: kernel sources should not fall behind 2.6.14 if the most recent > > > upstream release is 2.6.16. In the extreme case where this is not > > > technically possible, this will require it being addressed on a > > > case-by-case basis, and a sectag penalty of 10 applied if appropriate. > > > > Wow, we are commiting to support 2 kernel versions back? Since when? > > That's going to be a major effort that no one has signed up to do (even > > kernel.org doesn't offer that...) Do we _really_ want to say we are > > going to do this? > > > > If so, we're already behind with all of the recent 2.6.15 security fixes > > not being backported to 2.6.14 :) > > Only they are being backported... kerframil is helping out with that task.
Ah, didn't realize that. Ok, then I have no objections. thanks, greg k-h -- gentoo-kernel@g.o mailing list

Replies

Subject Author
Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT) John Mylchreest <johnm@g.o>