| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Apr 2016 21:36:31 +0900 From: Greg KH <greg@...ah.com> To: Sasha Levin <sasha.levin@...cle.com> Cc: Willy Tarreau <w@....eu>, Jiri Slaby <jslaby@...e.cz>, LKML <linux-kernel@...r.kernel.org>, stable <stable@...r.kernel.org>, lwn@....net Subject: Re: stable-security kernel updates On Thu, Apr 21, 2016 at 07:27:39AM -0400, Sasha Levin wrote: > Hey Willy, > > On 04/21/2016 03:11 AM, Willy Tarreau wrote: > > This illustrates exactly what I suspected would happen because that's the > > same trouble we all face when picking backports for our respective trees > > except that since the selection barrier is much higher here, lots of > > important ones will be missing > > Right. I fully agree that there will be important security commits that'll > get missed, whether because they were missed in the stable selection or > the stable-security selection. > > I'd like to point out again that updating the entire stable tree is the > preferable way to patch against security (and non-security) issues. s/preferable/only/ :) > The > stable-security tree is a best-effort solution to provide a stop-gap in > between said stable tree updates. What are you "stop-gapping" then? The 7-10 days between stable releases? confused, greg k-h
Powered by blists - more mailing lists