[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <5ABCB2BC.6050408@samsung.com>
Date: Thu, 29 Mar 2018 18:32:44 +0900
From: Inki Dae <inki.dae@...sung.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: Mauro Carvalho Chehab <mchehab@...pensource.com>,
Linux Media Mailing List <linux-media@...r.kernel.org>,
stable@...r.kernel.org,
Mauro Carvalho Chehab <mchehab@...radead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Seung-Woo Kim <sw0312.kim@...sung.com>,
Brian Warner <brian.warner@...sung.com>
Subject: Re: [PATCH for v3.18 00/18] Backport CVE-2017-13166 fixes to Kernel
3.18
2018년 03월 29일 16:00에 Greg KH 이(가) 쓴 글:
> On Thu, Mar 29, 2018 at 03:39:54PM +0900, Inki Dae wrote:
>> 2018년 03월 29일 13:25에 Greg KH 이(가) 쓴 글:
>>> On Thu, Mar 29, 2018 at 08:22:08AM +0900, Inki Dae wrote:
>>>> Really thanks for doing this. :) There would be many users who use
>>>> Linux-3.18 for their products yet.
>>>
>>> For new products? They really should not be. The kernel is officially
>>
>> Really no. Old products would still be using Linux-3.18 kernel without
>> kernel upgrade. For new product, most of SoC vendors will use
>> Linux-4.x including us.
>> Actually, we are preparing for kernel upgrade for some devices even
>> some old devices (to Linux-4.14-LTS) and almost done.
>
> That is great to hear.
>
>>> What is keeping you on 3.18.y and not allowing you to move to a newer
>>> kernel version?
>>
>> We also want to move to latest kernel version. However, there is a case that we cannot upgrade the kernel.
>> In case that SoC vendor never share firmwares and relevant data
>> sheets, we cannot upgrade the kernel. However, we have to resolve the
>> security issues for users of this device.
>
> It sounds like you need to be getting those security updates from those
> SoC vendors, as they are the ones you are paying for support for that
It's true but some open source developers like me who use vendor kernel without vendor's support will never get the security updates from them.
So if you merge CVE patches even through this kernel is already EOL then many open source developers would be glad. :)
Thanks,
Inki Dae
> kernel version that they are forcing you to stay on.
>
> good luck!
>
> greg k-h
>
>
>
Powered by blists - more mailing lists