On Wed, Jan 11, 2006 at 10:16:59PM +0100, Moritz Muehlenhoff wrote: > Steve Langasek wrote: > >> the fact that the mips/mipsel guys do their own thing in their own way is i > >> believe etch-RC though, and need to be solved in the next 6 month. > > That's a decision that needs to be made together with the people who will be > > doing security support for the kernel in etch. > Debian's 2.6.8 kernel contains (including the upcoming sarge2 kernels) patches > for 107 distinct security problems with a CVE ID. Given that 2.6.8 was introduced > in August 2004 and security support for Etch will end in December 2007 this > might very well be around 200 issues by the time support for Sarge fades out. > So, the bare numbers should make it pretty obvious why all archs should build out > of the linux-2.6 package. Sorry, but it doesn't to me. The mips kernels, though built from a separate source package, use the sources from the common kernel source package via a build-dependency. Is the impact of this two-step build process really that significant to the security processes? I would have thought it was a drop in the bucket next to the work of actually preparing the security fixes themselves, and particularly for woody/sarge where we have three major versions of Linux running around. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature