Re: Maintaining kernel source in sarge
On Mon, May 26, 2003 at 10:00:06PM +0200, Yann Dirson wrote:
>
> We could get around Guido's point mentionned above by having a list of
> default patches to apply, which would by default contain the debian
> patch.
Yes, but then the problem is that unsuspecting users could be
building kernels using the kernel-source package thinking that
it contained all the security fixes.
I believe that distributing a binary package that may contain
known security problems is a very serious problem.
--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Reply to: