| 1 |
El vie, 02-01-2015 a las 12:25 -0500, Mike Pagano escribió: |
| 2 |
> Hello, Everyone, |
| 3 |
> |
| 4 |
> Are there solid arguments for stabilizing any version of gentoo-sources? I |
| 5 |
> think the valid arguments for not stabilizing gentoo-sources can be garnered |
| 6 |
> from the thread about not stabilizing vanilla-sources[1]. |
| 7 |
> |
| 8 |
> This is in no way complaining about how long it takes to stabilize a kernel. |
| 9 |
> It's just a fact that by the time we do stabilizing one, there might be many, |
| 10 |
> many kernel versions released for that 3.X branch that contains security fixes |
| 11 |
> for which the stable version will not have. Kernel versions are coming out |
| 12 |
> 1-2 a week at this point. |
| 13 |
> |
| 14 |
> I feel we are giving users a false sense of security, and maybe it would be |
| 15 |
> better for them to upgrade faster than they are doing now if they are only |
| 16 |
> using stable kernels. |
| 17 |
> |
| 18 |
> Having stable kernels around keeps me from deleting these old, potentially |
| 19 |
> vulnerable releases.[2] |
| 20 |
> |
| 21 |
> Mike |
| 22 |
> |
| 23 |
> [1] http://marc.info/?l=gentoo-kernel&m=137182668616082&w=2 |
| 24 |
> [2] http://packages.gentoo.org/package/sys-kernel/gentoo-sources |
| 25 |
> |
| 26 |
> |
| 27 |
|
| 28 |
In my case I still run only "stable" gentoo-sources in many machines to |
| 29 |
prevent regressions introduced by new major kernel releases. For |
| 30 |
example, few weeks ago kernel 3.17.x were breaking X in some of them due |
| 31 |
to a regression with AGP handling that was fixed in 3.17.4. |
| 32 |
|
| 33 |
Even if arch team members cannot test the versions really deep, for now |
| 34 |
it has been enough for me to rely on kernel maintainers thinking a |
| 35 |
concrete major version is ready to be stabilized after some weeks :) |
Archives