[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

sarge kernel security transition

The ABI/security discussions have left me with a question - at what
point does security maintenance of our kernels transition from the
debian-kernel/testing security teams to the Debian security team, and
how will we interact with one another?  I assume there will be some
overlap, but it might be good to define this transition before it
happens.

Source Control
==============
I assume at some point we'll want to branch off our 2.4.27/2.6.8 kernels
and lock them down for only security changes.  I think it would be nice
to keep our svn repo up to date with the security releases, even if it
is an after-the-fact svn_load_dirs dump.  I assume this would fall to
the kernel team to maintain, if we choose to do so (versus the security
team doing the committing).

Sarge package vs. latest packages
=================================
When the first security update happens, will the uploaders start with
whatever is in sarge, or the latest version?

When sarge happens, its likely there will be pending changes in
kernel-source in svn, and maybe in sid.  Its also possible that some
kernel-image re-builds may not have propagated into sarge yet.  The
changes here should be mostly security fixes at this point; however
we've not formally frozen these packages to my knowledge, so this isn't
guaranteed.  Maybe now is the time to do that?
Reply to: