lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 24 Sep 2006 00:33:48 +0200
From:	Adrian Bunk <bunk@...sta.de>
To:	Jean Delvare <khali@...ux-fr.org>
Cc:	Greg KH <greg@...ah.com>, linux-kernel@...r.kernel.org
Subject: Re: Linux 2.6.16.30-pre1

On Sat, Sep 23, 2006 at 10:49:09PM +0200, Jean Delvare wrote:

> Hi Adrian, Greg,

Hi Jean,

> I second Greg's objection, and share his worries. "No possible
> regression" is something extremely hard to evaluate in general.
> Besides, the goal of -stable as I remember it is not "no regression"
> but rather "only bugfixes", i.e. patches don't go in without a good
> reason (default policy = reject), rather than patches are rejected if
> they may cause problem (default policy = accept.)
> 
> Adding support for new devices, even if it's only adding an ID in a
> list, is not always safe. I am not happy about new IDs being considered
> as OK for late RCs, I am even less so for -stable.

the main goals for 2.6.16 are:
- no regressions
- security fixes

And I did always say that things like adding new PCI IDs are considered 
OK for 2.6.16.

> The sole fact that Adrian felt the need to release a -pre1 for
> 2.6.16.30 betrays his lack of confidence IMHO.

No, all it says is:
- there was no reason for releasing 2.6.16.30 very soon
- my TODO list still contains reviewing 65 of the patches the -stable
  team added to 2.6.17

> And the size of ChangeLog-2.6.16.29 speaks for itself.

Except for 2 bug fixes, all of them were patches the -stable team added 
to 2.6.17.

> Given that 2.6.16.y follows the naming convention of -stable and is
> released in the official v2.6 directory on ftp.kernel.org, I'd like to
> see it follow the same rules we have for "real" -stable trees. Adrian,
> if you are going to diverge from the original intent of -stable, this
> is your own right, but then please change the name of your tree to
> 2.6.16-ab or something similar, to clear the confusion.
> 
> I will not use 2.6.16.y with its current rules, for sure, and I doubt
> any distribution will. Wasn't the whole point of 2.6.16.y to serve as a
> common base between several distributions?

No, see [1]:

<--  snip  -->

Q:
What is the target audience for this 2.6.16 series?

A:
The target audience are users still using 2.4 (or who'd still use kernel 
2.4 if they weren't forced to upgrade to 2.6 for some reason) who want a 
stable kernel series including security fixes but excluding many 
regressions.
It might also be interesting for distributions that prefer stability 
over always using the latest stuff.

<--  snip  -->


The 2.6.16 series is an offer.

If you don't want to use it it's OK.

Distributions can use it, cherry pick from it, or ignore it.

Whether a distribution uses 2.6.16 or a more recent kernel (that will 
anyway support more hardware than 2.6.16 ever will), and if a 
distribution that uses 2.6.16 will ever follow the 2.6.16 series depends 
on the goals of the distribution.


> Thanks,
> Jean Delvare

cu
Adrian

[1] http://article.gmane.org/gmane.linux.kernel/354360

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists