lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130716163528.GA17231@kroah.com>
Date:	Tue, 16 Jul 2013 09:35:28 -0700
From:	Greg KH <greg@...ah.com>
To:	Jiri Kosina <jkosina@...e.cz>
Cc:	James Bottomley <James.Bottomley@...senPartnership.com>,
	ksummit-2013-discuss@...ts.linuxfoundation.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [Ksummit-2013-discuss] KS Topic request: Handling the Stable
 kernel, let's dump the cc: stable tag

On Tue, Jul 16, 2013 at 11:46:05AM +0200, Jiri Kosina wrote:
> On Tue, 16 Jul 2013, James Bottomley wrote:
> 
> > > But I need, from the distros, specific examples of what they object to.
> > > So far all I've gotten is one security patch (that was needed), and one
> > > patch for sysfs that I backported too far in the version numbers (my
> > > fault.)
> > > 
> > > Given the huge number of stable patches over the past few years, only
> > > having 2 patches be an issue sounds like things are working well for
> > > people here.
> > > 
> > > If I don't get pushback, with specifics, from the distros, I will not
> > > know what to change, so if people can provide me that, it will help out
> > > a lot.
> > 
> > I agree ... I think Ji?? and his Red Hat equivalent need to pipe up and
> > give us more examples of the problems they've been having.
> 
> I am still continuing with my pushback against the /dev/random revamp that 
> happened in -stable; at least in the form it happened. I still strongly 
> believe it's something that's not a stable material. But that's happening 
> in parallel in a different thread already.
> 
> Okay, if you want another example:
> 
> 	commit a6aa749906b92eaec6ca0469f90f35de26044d90
> 	Author: Zhenzhong Duan <zhenzhong.duan@...cle.com>
> 	Date:   Thu Dec 20 15:05:14 2012 -0800
> 
> 	    drivers/firmware/dmi_scan.c: fetch dmi version from SMBIOS if it exists
> 
> While this is a correct fix for major kernel release, as it achieves 
> correctness by checking SMBIOS version properly and behaving according to 
> the spec, it actually causes an userspace ABI regression in some sense, as 
> it just changes byte order of /sys/class/dmi/id/product_uuid on certain 
> systems.
> 
> Which is something I absolutely *do not* expect from a minor release of 
> branch which is called "stable".

As you pointed out, your definition of "stable" is one that the
enterprise distros have created, and might be totally different from my
view of what "stable" is :)

And also, as Ben pointed out, this was probably wrong, and someone
should have told me about this, so I could have reverted it.  Please do
so the next time.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ