[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security Supporting Debian Kernels in Sarge

Andreas Barth dijo [Sat, Apr 24, 2004 at 09:38:04AM +0200]:
> > >   2. It is insane to expect us to support three main kernel lines
> > >      (2.2, 2.4 *and* 2.6).
> > The main problem here appears to be the arch which still isn't supported by
> > 2.4 or 2.6, namely m68k.  2.2 is pretty dead development-wise anyway and is
> > likely to security holes which were fixed incidentally during 2.4
> > development.  :-P
> > 
> > I see only one way to deal with that: drop security support for m68k.  :-P
> No. The other way would be to ask the m68k-porters if they can do the
> security support of the 2.2-kernels, and remove all 2.2-kernels except
> for m68k from sarge.

I don't think this would be a good answer - You can't assure they will
be able to do the job, and the Secutity team will be pulled back in
the mix.

We don't have that much of a m68k userbase, and I think that userbase
is clueful enough to ask them something. I would suggest supporting
the installation, but notifying the user he should get kernel updates
from kernel.org, as kernel 2.2 will not be maintained by Debian
itself. We could even take a special provision, breaking our
traditional stable rules, allowing for the eventual incorporation of a
2.6 kernel once it is released and tested - and then (maybe for 3.1r1
or such) treat it as part of Sarge.


Gunnar Wolf - gwolf@gwolf.cx - (+52-55)5630-9700 ext. 1366
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973  F800 D80E F35A 8BB5 27AF

Reply to: