lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 21 Apr 2016 14:56:49 +0200
From:	Willy Tarreau <w@....eu>
To:	Sasha Levin <sasha.levin@...cle.com>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	stable <stable@...r.kernel.org>, lwn@....net
Subject: Re: stable-security kernel updates

On Wed, Apr 20, 2016 at 03:50:34PM -0400, Sasha Levin wrote:
> Hi all,
> 
> Updates for stable-security kernels have been released:
> 
> 	- v3.12.58-security
> 	- v3.14.67-security
> 	- v3.18.31-security
> 	- v4.1.22-security
> 	- v4.4.8-security
> 	- v4.5.2-security

Sasha, regardless the rest of the discussion in this thread, I find
myself confused by the naming above. For me, 3.12.58-something means
"something" on top of 3.12.58. Many (most? all?) forks work like this,
but here it seems that instead it's 3.12 + your selection of fixes
from kernels up to 3.12.58. I guess it would be much less confusing to
call it something like 3.12.0-security58 or something like this (or
maybe simply 3.12.0.58). Some people might be tempted to upgrade from
3.12.40 to 3.12.58-security and will possibly discover some breakage
due to bugs that were fixed between 3.12 and 3.12.40 and which are not
fixed in 3.12.58-security.

Thanks,
willy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ