Gentoo Archives: gentoo-kernel

From: John Mylchreest <johnm@g.o>
To: gentoo-kernel@l.g.o
Subject: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT)
Date: Sat, 18 Mar 2006 10:42:13
Message-Id: 20060318104157.GC5573@getafix.willow.local
In Reply to: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT) by Greg KH
OK so it obviously DID send and I just never recieved it! lol
Sorry, please ignore my most recent email.

> > > > 3. Genpatches-Base Support > > > > > > > > For as long as there is a kernel package in the tree using genpatches, > > > > the corresponding genpatches-base will be maintained from a security > > > > point of view. Announcements for each update follow the normal > > > > procedure, however there is a caveat. Kernel sources which use > > > > genpatches should not lapse more than 2 minor releases from upstream. > > > > IE: kernel sources should not fall behind 2.6.14 if the most recent > > > > upstream release is 2.6.16. In the extreme case where this is not > > > > technically possible, this will require it being addressed on a > > > > case-by-case basis, and a sectag penalty of 10 applied if appropriate.
> > > Wow, we are commiting to support 2 kernel versions back? Since when? > > > That's going to be a major effort that no one has signed up to do (even > > > kernel.org doesn't offer that...) Do we _really_ want to say we are > > > going to do this? > > > > > > If so, we're already behind with all of the recent 2.6.15 security fixes > > > not being backported to 2.6.14 :) > > > > Only they are being backported... kerframil is helping out with that task. > > Ah, didn't realize that. Ok, then I have no objections. > > thanks, > > greg k-h
Just to stress, its only the genpatches-based sources which are being supported to this degree, and its mainly stable-tree backports - so thankfully a very small footprint. :) -- Role: Gentoo Linux Kernel Lead Gentoo Linux: http://www.gentoo.org Public Key: gpg --recv-keys 9C745515 Key fingerprint: A0AF F3C8 D699 A05A EC5C 24F7 95AA 241D 9C74 5515