Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-kernel
Navigation:
Lists: gentoo-kernel: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-kernel@g.o
From: "Bruno Buss" <bruno.buss@...>
Subject: What is the policy for a security fix for kernel?
Date: Fri, 5 Dec 2008 11:03:24 -0200
Hi,<br><br>For example, bug 249729 (<a href="http://bugs.gentoo.org/show_bug.cgi?id=249729">http://bugs.gentoo.org/show_bug.cgi?id=249729</a>) is a security bug that affect a lot of versions (<a href="http://www.securityfocus.com/bid/32516/info">http://www.securityfocus.com/bid/32516/info</a>).<br>
Also, i may be wrong... i don&#39;t think it is a very dangerous bug... but it is a security bug anyway.<br><br>So, what the KernelTeam do in this case?<br><br>First, genpatches and gentoo-sources have in cvs-trunk 2.6.25, 2.6.26, 2.6.27 and now is creating the structure for <a href="http://2.6.28.">2.6.28.</a> But let focus on .25, .26 and .27 that are the stable kernel releases.<br>
<br>For .27, the <a href="http://2.6.27.8">2.6.27.8</a> stable review cycle is in process, so when it&#39;s released, KernelTeam just update genpatches to have <a href="http://2.6.27.8">2.6.27.8</a> patch and release 2.6.26-r4? And ask for stabilization?<br>
<br>For .26, backport to genpatches and release 2.6.26-r4?<br>Same for .25, and release 2.6.25-r10?<br>(Or if the patch just apply with no problems, just get it and put it in there.)<br><br><br>The older versions, are not suported by genpatches anymore... but they should stay marked as stable, even with security bugs?<br>
<br><br clear="all"><br>And what is the procedure for the sys-kernel/vanilla-sources ebuilds? Leave it as it is? Try to stabilize any new version? Take out any version or put ~ back in them?<br><br><br>Ty<br>-- <br>Bruno C. Buss<br>
<a href="http://magoobr.blogspot.com/">http://magoobr.blogspot.com/</a><br><a href="http://www.dcc.ufrj.br/~brunobuss/">http://www.dcc.ufrj.br/~brunobuss/</a><br><br>Aluno do DCC - UFRJ - <a href="http://www.dcc.ufrj.br">www.dcc.ufrj.br</a><br>
<br>if( ((*node)-&gt;valor) &lt; (((*heap)[((*node)-&gt;gr)])-&gt;valor)) /* WTF?! */<br><br>&quot;Throughout your life, advance daily, becoming more skillful than yesterday, more skillful than today. This is never-ending.&quot; - Hagakure<br>

Replies:
Re: What is the policy for a security fix for kernel?
-- Mathieu SEGAUD
Navigation:
Lists: gentoo-kernel: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: [gentoo-dev] Looking for help with kernel maintenance
Next by thread:
Re: What is the policy for a security fix for kernel?
Previous by date:
Re: Re: [gentoo-dev] Looking for help with kernel maintenance
Next by date:
Re: What is the policy for a security fix for kernel?


Updated Jun 17, 2009

Summary: Archive of the gentoo-kernel mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.