[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

Well the thing about Debian kernel source is they
incorporate more than just security patches into their
source.  For example if you download red hat source
you get many performance patches etc. as well as any
security patches that are available.  To find all
patches and apply does take some time, more so than
just downloading source from the ftp site and make
oldconfig, make-kpkg, dpkg -i kernel-image.  I don't
mind experimenting around with kernel source on my
personal machines but on machines that can't really
afford to be down at all producing an unstable kernel
is not good.  This is why I like to stay a level or
two back with the kernel with backported security
fixes.  Just my 2 cents.
--- Dale Amon <amon@vnl.com> wrote:
> On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M.
> Self wrote:
> > Having a team that shares experience and combines
> talents in patching a
> > kernel and tuning it to secure configurations is a
> preferable approach.
> > While you _might_ do well on your own, the typical
> admin doesn't have
> > these skills.  The group security profile is
> likely better on a
> > group-configured kernel.  Mind you might compile
> on your own, but you're
> > at least starting from a better base.
> You make it sound like it was difficult ;-)
> Seriously, building and patching your own kernels is
> rather easy except on the bleeding edge experimental
> kernels.
> -- 
>    Dale Amon     amon@islandone.org   
> +44-7802-188325
>        International linux systems consultancy
>      Hardware & software system design, security
>     and networking, systems programming and Admin
> 	      "Have Laptop, Will Travel"
> -- 
> To UNSUBSCRIBE, email to
> debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org

Do you Yahoo!?
Free Pop-Up Blocker - Get it now

Reply to: