| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 4 May 2019 18:39:15 +0200 From: Reindl Harald <h.reindl@...lounge.net> To: Eric Dumazet <eric.dumazet@...il.com>, netdev@...r.kernel.org Subject: Re: CVE-2019-11683 Am 04.05.19 um 18:32 schrieb Eric Dumazet: > On 5/4/19 12:13 PM, Reindl Harald wrote: >> >> ok, so the answer is no >> >> what's the point then release every 2 days a new "stable" kernel? >> even distributions like Fedora are not able to cope with that > > That is a question for distros, not for netdev@ ? maybe, but the point is that we go in a direction where you have every 2 or 3 days a "stable" update up to days where at 9:00 AM a "stable" point release appears at kernel.org and one hour later the next one from Linus himself to fix a regression in the release an hour ago release-realy-release-often is fine, but that smells like rush and nobody downstream be it a sysadmin or a distribution can cope with that when you are in a testing stage a while start deploy there are 2 new releases with a long changelog just because you never know if what you intended to deploy now better should be skipped or joust go ahead because the next one a few days later brings a regression and which ones are the regressions adn which ones are the fixes which for me personally now leads to just randomly update every few weaks
Powered by blists - more mailing lists