Re: Security Supporting Debian Kernels in Sarge
Nathanael Nerode wrote:
> > 2. It is insane to expect us to support three main kernel lines
> > (2.2, 2.4 *and* 2.6).
> The main problem here appears to be the arch which still isn't supported by
> 2.4 or 2.6, namely m68k. 2.2 is pretty dead development-wise anyway and is
You forgot the hypersparc sub-architectur of sparc, that also
requires us to run a 2.2 kernel.
> likely to security holes which were fixed incidentally during 2.4
> development. :-P
> I see only one way to deal with that: drop security support for m68k. :-P
... and sparc.
Even though, there is a smiley at the end of the line I don't see a need to
continue arch-bashing again.
> Bleah! Who isn't using 2.4.25? Fess up! If there are known
> problems with 2.4.25 on your subarch or variant, fix them!
>From some architectures, I know that this is being worked on, partially
inspired by the problems we've had with security updates. Unfortunately,
it's not as easy as we would like it to be.
> > kernel-source-2.6.3 testing 2.6.3-2 all source
> > kernel-source-2.6.4 testing 2.6.4-1 all source
> > kernel-source-2.6.5 testing 2.6.5-1 all source
> I really don't see why we need all of these. Can't we just stick with they
> newest 2.6 and leave out the previous point releases? 2.6 point releases
> seem to have been pretty good about not breaking anything. Why not, for
> that matter, just have a kernel-source-2.6 package?
Are you able to monitor which 2.6 kernels enter unstable/testing and
discuss with the port maintainers that use them whether older versions
could be dropped? That would hopefully improve this part of the problem.
> > There are also 31 kernel-image packages for various architectures and
> > versions. This is too much!
> > kernel-image-2.2.10-powerpc-apus testing 2.2.10-13 source
> This should be removed entirely; it's replaced by something newer.
It's removal should already have been requested...
> > kernel-image-sparc-2.2 testing 9 source
> Which sparc subarch really needs this?
The only stupid question is the unasked one.
Please always Cc to me when replying to me on the lists.