Re: Getting newer kernels into stable

To: debian-devel@lists.debian.org
Subject: Re: Getting newer kernels into stable
From: Henning Makholm <henning@makholm.net>
Date: 29 Mar 2004 04:14:16 +0100
Message-id: <[🔎] 87k714ny47.fsf@kreon.lan.henning.makholm.net>
In-reply-to: <[🔎] 20040329022437.GC4190@daedalus.andrew.net.au>
References: <[🔎] 20040329022437.GC4190@daedalus.andrew.net.au>

Scripsit Andrew Pollock <debian-lists-2004@andrew.net.au>

> for example, let's say hypothetically, Sarge shipped with 2.6.4, and then 3
> months later, Sarge_r1 ships with 2.6.6 as the default kernel, and a month
> later, a vulnerability is found in 2.6.4, that isn't in 2.6.6. Would we need
> to issue a patched 2.6.4 if we were already providing a non-vulnerable 2.6.6
> in a newer point release of stable?

If a patched 2.6.4 were *not* released, people would not be able to get
the patch simply by doing 'apt-get update && apt-get upgrade' once in
a while.

Even if we issued an empty transition kernel-image-2.6.4 to pull in
2.6.6 (which is dangerous in and of itself), apt-get would not
actually upgrade unless it gets 'apt-get dist-upgrade'.

-- 
Henning Makholm                              "En tapper tinsoldat. En dame i
                                         spagat. Du er en lykkelig mand ..."

Reply to:

Follow-Ups:
- Re: Getting newer kernels into stable
  - From: Andrew Pollock <debian-lists-2004@andrew.net.au>

References:
- Getting newer kernels into stable
  - From: Andrew Pollock <debian-lists-2004@andrew.net.au>

Prev by Date: Re: testing and no release schedule
Next by Date: Re: Fixed in NMU of libxslt 1.1.4-1
Previous by thread: Getting newer kernels into stable
Next by thread: Re: Getting newer kernels into stable
Index(es):
- Date
- Thread