| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20081016153053.GJ5834@nostromo.devel.redhat.com> Date: Thu, 16 Oct 2008 11:30:53 -0400 From: Bill Nottingham <notting@...hat.com> To: Greg KH <greg@...ah.com> Cc: Adrian Bunk <bunk@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-kernel@...r.kernel.org Subject: Re: [RFC] Kernel version numbering scheme change Greg KH (greg@...ah.com) said: > Distros properly patch things and backport "urgent OpenSSL security > updates" to older versions of packages, so they would not run into this > problem. > > Newer releases would run into this problem, but as almost all distros > have huge, easy to run, build systems, a change like this would show up > immediately and be fixed in a matter of hours, with the needed fixes > being pushed upstream to the various packages as needed. > > So I really don't think this is much of a problem. > > It's interesting that openssl doesn't just check for Linux 1.x and > assumes that Linux 9.23.12 will work just fine with what they are doing :) Is it really worth the effort of having any such upstream have to quickly patch and release, when the only benefit listed (earlier in this thread) was to inform people how old their kernel is? Bill -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists