lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <b29aea5d-930e-778a-1627-1bfd85cbe849@gmail.com> Date: Sat, 4 May 2019 12:43:23 -0400 From: Eric Dumazet <eric.dumazet@...il.com> To: Reindl Harald <h.reindl@...lounge.net>, netdev@...r.kernel.org Subject: Re: CVE-2019-11683 On 5/4/19 12:39 PM, Reindl Harald wrote: > > > Am 04.05.19 um 18:32 schrieb Eric Dumazet: >> On 5/4/19 12:13 PM, Reindl Harald wrote: >>> >>> ok, so the answer is no >>> >>> what's the point then release every 2 days a new "stable" kernel? >>> even distributions like Fedora are not able to cope with that >> >> That is a question for distros, not for netdev@ ? > > maybe, but the point is that we go in a direction where you have every 2 > or 3 days a "stable" update up to days where at 9:00 AM a "stable" point > release appears at kernel.org and one hour later the next one from Linus > himself to fix a regression in the release an hour ago > > release-realy-release-often is fine, but that smells like rush and > nobody downstream be it a sysadmin or a distribution can cope with that > when you are in a testing stage a while start deploy there are 2 new > releases with a long changelog > > just because you never know if what you intended to deploy now better > should be skipped or joust go ahead because the next one a few days > later brings a regression and which ones are the regressions adn which > ones are the fixes which for me personally now leads to just randomly > update every few weaks > In any case, this discussion has nothing to do with netdev@ Are you suggesting that we should not fix bugs at given period of times, just because a 'release of some stable kernel' happened one day before ? How you do your updates does not really concern us, sorry !
Powered by blists - more mailing lists