Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-kernel

From: John Mylchreest <johnm@g.o>
To: gentoo-kernel@l.g.o
Subject: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT)
Date: Sat, 18 Mar 2006 10:42:13
Message-Id: 20060318104157.GC5573@getafix.willow.local
In Reply to: Re: [gentoo-kernel] Gentoo Kernel Security Policy (DRAFT) by Greg KH
1 OK so it obviously DID send and I just never recieved it! lol
2 Sorry, please ignore my most recent email.
3
4 > > > > 3. Genpatches-Base Support
5 > > > >
6 > > > > For as long as there is a kernel package in the tree using genpatches,
7 > > > > the corresponding genpatches-base will be maintained from a security
8 > > > > point of view. Announcements for each update follow the normal
9 > > > > procedure, however there is a caveat. Kernel sources which use
10 > > > > genpatches should not lapse more than 2 minor releases from upstream.
11 > > > > IE: kernel sources should not fall behind 2.6.14 if the most recent
12 > > > > upstream release is 2.6.16. In the extreme case where this is not
13 > > > > technically possible, this will require it being addressed on a
14 > > > > case-by-case basis, and a sectag penalty of 10 applied if appropriate.
15
16 > > > Wow, we are commiting to support 2 kernel versions back? Since when?
17 > > > That's going to be a major effort that no one has signed up to do (even
18 > > > kernel.org doesn't offer that...) Do we _really_ want to say we are
19 > > > going to do this?
20 > > >
21 > > > If so, we're already behind with all of the recent 2.6.15 security fixes
22 > > > not being backported to 2.6.14 :)
23 > >
24 > > Only they are being backported... kerframil is helping out with that task.
25 >
26 > Ah, didn't realize that. Ok, then I have no objections.
27 >
28 > thanks,
29 >
30 > greg k-h
31
32 Just to stress, its only the genpatches-based sources which are being
33 supported to this degree, and its mainly stable-tree backports - so
34 thankfully a very small footprint. :)
35
36 --
37 Role: Gentoo Linux Kernel Lead
38 Gentoo Linux: http://www.gentoo.org
39 Public Key: gpg --recv-keys 9C745515
40 Key fingerprint: A0AF F3C8 D699 A05A EC5C 24F7 95AA 241D 9C74 5515
Report Message
Find on MARC Find on Google Groups