Are you planning on a 2.2.15 for potato? It seems that we need it for security reasons. Hopefully we can get this done by 27 April?
--- Begin Message ---
- To: Adam Di Carlo <adam@onshore.com>
- Cc: Richard Braakman <dark@xs4all.nl>, debian-security-private@lists.debian.org
- Subject: Re: kernel we release with (was Re: Preparing for first test cycle)
- From: Wichert Akkerman <wichert@cistron.nl>
- Date: Thu, 20 Apr 2000 17:04:27 +0200
- Message-id: <20000420170427.D10779@liacs.nl>
- Mail-followup-to: Adam Di Carlo <adam@onshore.com>, Richard Braakman <dark@xs4all.nl>, debian-security-private@lists.debian.org
- In-reply-to: <oavh1cn7i9.fsf_-_@arroz.fake>; from adam@onshore.com on Thu, Apr 20, 2000 at 10:59:10AM -0400
- References: <20000418134746.A2469@xs4all.nl> <20000418171528.G14741@finlandia.infodrom.north.de> <20000420135852.B17775@xs4all.nl> <20000420145452.A24592@cistron.nl> <oavh1cn7i9.fsf_-_@arroz.fake>
Previously Adam Di Carlo wrote: > What does this mean? We'll be using 2.2.15 for potato? Or sticking > with a patched 2.2.14? 2.2.15 + 1 patch (it seems it was too late for 2.2.15). Otherwise we'll release with a kernel with known security problems. Sorry to put this on you so late, but I'm afraid there is no alternative. 2.2.14 has at least two problems, a trivial DoS in knfs and another one I already forgot the details about (was a while ago already.. 2.2.15 is long overdue unfortunately). Also please note that the fact that a 2.2.x kernel changelog doesn't mention a security problem doesn't mean there is none, Alan doesn't mention them on purpose occasionally. Wichert. -- _________________________________________________________________ / Generally uninteresting signature - ignore at your convenience \ | wichert@liacs.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |Attachment: pgpIDwLAPsLuF.pgp
Description: PGP signature
--- End Message ---
-- .....Adam Di Carlo....adam@onShore.com.....<URL:http://www.onShore.com/>