Re: Security Supporting Debian Kernels in Sarge

To: Nathanael Nerode <neroden@twcny.rr.com>
Cc: Debian Development <debian-devel@lists.debian.org>
Subject: Re: Security Supporting Debian Kernels in Sarge
From: Martin Schulze <joey@infodrom.org>
Date: Sun, 25 Apr 2004 16:28:13 +0200
Message-id: <[🔎] 20040425142813.GA9105@finlandia.infodrom.north.de>
In-reply-to: <[🔎] c6buq6$vf1$1@sea.gmane.org>
References: <[🔎] 20040421165249.GZ1655@finlandia.infodrom.north.de> <[🔎] c6buq6$vf1$1@sea.gmane.org>

Nathanael Nerode wrote:
> >   2. It is insane to expect us to support three main kernel lines
> >      (2.2, 2.4 *and* 2.6).
> The main problem here appears to be the arch which still isn't supported by
> 2.4 or 2.6, namely m68k.  2.2 is pretty dead development-wise anyway and is

You forgot the hypersparc sub-architectur of sparc, that also
requires us to run a 2.2 kernel.

> likely to security holes which were fixed incidentally during 2.4
> development.  :-P

Yes.

> I see only one way to deal with that: drop security support for m68k.  :-P

... and sparc.

Even though, there is a smiley at the end of the line I don't see a need to
continue arch-bashing again.

> Bleah!  Who isn't using 2.4.25?  Fess up!  If there are known
> problems with 2.4.25 on your subarch or variant, fix them!

>From some architectures, I know that this is being worked on, partially
inspired by the problems we've had with security updates.  Unfortunately,
it's not as easy as we would like it to be.

> > kernel-source-2.6.3   testing   2.6.3-2     all source
> > kernel-source-2.6.4   testing   2.6.4-1     all source
> > kernel-source-2.6.5   testing   2.6.5-1     all source
> I really don't see why we need all of these.  Can't we just stick with they
> newest 2.6 and leave out the previous point releases?  2.6 point releases
> seem to have been pretty good about not breaking anything.  Why not, for
> that matter, just have a kernel-source-2.6 package?

Are you able to monitor which 2.6 kernels enter unstable/testing and
discuss with the port maintainers that use them whether older versions
could be dropped?  That would hopefully improve this part of the problem.

> > There are also 31 kernel-image packages for various architectures and
> > versions.  This is too much!
> > 
> > kernel-image-2.2.10-powerpc-apus  testing   2.2.10-13   source
> This should be removed entirely; it's replaced by something newer.

It's removal should already have been requested...

> > kernel-image-sparc-2.2            testing   9           source
> Which sparc subarch really needs this?

hypersparc.

Regards,

	Joey

-- 
The only stupid question is the unasked one.

Please always Cc to me when replying to me on the lists.

Reply to:

Follow-Ups:
- Re: Security Supporting Debian Kernels in Sarge
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: Security Supporting Debian Kernels in Sarge
  - From: Nathanael Nerode <neroden@twcny.rr.com>

References:
- Security Supporting Debian Kernels in Sarge
  - From: Martin Schulze <joey@infodrom.org>
- Re: Security Supporting Debian Kernels in Sarge
  - From: Nathanael Nerode <neroden@twcny.rr.com>

Prev by Date: Configuration by using local packages
Next by Date: Re: Security Supporting Debian Kernels in Sarge
Previous by thread: Re: Security Supporting Debian Kernels in Sarge
Next by thread: Re: Security Supporting Debian Kernels in Sarge
Index(es):
- Date
- Thread