Re: Maintaining kernel source in sarge

To: debian-devel@lists.debian.org
Cc: Guido Guenther <agx@debian.org>
Subject: Re: Maintaining kernel source in sarge
From: Matt Zimmerman <mdz@debian.org>
Date: Sat, 24 May 2003 18:33:24 -0400
Message-id: <[🔎] 20030524223324.GV25254@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org, Guido Guenther <agx@debian.org>
In-reply-to: <[🔎] 20030524184426.GB31691@bogon.ms20.nix>
References: <[🔎] 20030524091823.GA27238@bogon.ms20.nix> <[🔎] E19JX8K-0005bJ-00@gondolin.me.apana.org.au> <[🔎] 20030524174221.GQ25254@alcor.net> <[🔎] 20030524184426.GB31691@bogon.ms20.nix>

On Sat, May 24, 2003 at 08:44:26PM +0200, Guido Guenther wrote:

> On Sat, May 24, 2003 at 01:42:22PM -0400, Matt Zimmerman wrote:
> > So this means that maintainers of the architecture patches must be sure
> > to merge in these fixes, otherwise they may inherit security
> > vulnerabilities (for example)?  How can we track when this has happened
> > when there are so many different patches?
> The situation won't change much over the current one. You currently can't
> be sure that an arch doesn't back out security fixes in our kernel-source
> with it's kernel-patch diff (intentionally or not).

In most cases, it's much easier for a maintainer to unintentionally leave
something out (especially if they are unaware of it) than to revert it
(unintentionally or not).

-- 
 - mdz

Reply to:

References:
- Re: Maintaining kernel source in sarge
  - From: Guido Guenther <agx@debian.org>
- Re: Maintaining kernel source in sarge
  - From: Herbert Xu <herbert@gondor.apana.org.au>
- Re: Maintaining kernel source in sarge
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Maintaining kernel source in sarge
  - From: Guido Guenther <agx@debian.org>

Prev by Date: Re: Maintaining kernel source in sarge
Next by Date: Re: Maintaining kernel source in sarge
Previous by thread: Re: Maintaining kernel source in sarge
Next by thread: Re: Maintaining kernel source in sarge
Index(es):
- Date
- Thread