lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <elrop2$vdl$1@sea.gmane.org>
Date:	Thu, 14 Dec 2006 15:59:54 +0100
From:	Manuel Reimer <Manuel.Spam@...fuerspam.de>
To:	linux-kernel@...r.kernel.org
Subject:  Will there be security updates for 2.6.17 kernels?

Hello,

my problem is, that the slackware maintainers decided to use kernel 
2.6.17. Here is their comment, they posted to the changelog:

After much thought and consultation with developers, it has been decided 
to move 2.6.17.x out of /testing and into /extra.  It runs stable by all 
reports, has better wireless support, and is not going to be stale as 
soon.  In addition, HIGHMEM4G has been enabled.  This caused no problems 
with my old 486 with 24MB (the one I use for compiling KDE ;-), and 
Tomas Matejicek has enabled this in SLAX for a long time with no reports 
of problems, so I believe it is a safe option (and is needed by many 
modern machines). Thanks again to Andrea for building these kernels and 
packages.  :-)

They had a 2.6.16 kernel in /extra before and as far as I know the
2.6.16 kernel series still gets security updates.

Is this also the case for 2.6.17 kernels? will there be an update if
there is an security hole in the latest 2.6.17 kernel?

The problem is, that the slackware team doesn't patch anything on their
own. They always wait for the update done by the author, if the bug
isn't very critical. This means they will stay forever with their
current version of the 2.6.17 kernel, if there will be no updates in
future.

If there will be no updates for 2.6.17 in future: Are there already
security holes in 2.6.17? Could someone please give two examples? I need
informations, to be able to contact the slackware team, to request a
"downgrade" to 2.6.16.

Thank you very much in advance

Yours

Manuel Reimer

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ