Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

To: Dale Amon <amon@vnl.com>, debian-security@lists.debian.org
Subject: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
From: peace bwitchu <peacebwitchu@yahoo.com>
Date: Wed, 3 Dec 2003 09:06:53 -0800 (PST)
Message-id: <[🔎] 20031203170653.51663.qmail@web13204.mail.yahoo.com>
In-reply-to: <[🔎] 20031203164011.GI25416@vnl.com>

Well the thing about Debian kernel source is they
incorporate more than just security patches into their
source.  For example if you download red hat source
you get many performance patches etc. as well as any
security patches that are available.  To find all
these 
patches and apply does take some time, more so than
just downloading source from the ftp site and make
oldconfig, make-kpkg, dpkg -i kernel-image.  I don't
mind experimenting around with kernel source on my
personal machines but on machines that can't really
afford to be down at all producing an unstable kernel
is not good.  This is why I like to stay a level or
two back with the kernel with backported security
fixes.  Just my 2 cents.
--- Dale Amon <amon@vnl.com> wrote:
> On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M.
> Self wrote:
> > Having a team that shares experience and combines
> talents in patching a
> > kernel and tuning it to secure configurations is a
> preferable approach.
> > While you _might_ do well on your own, the typical
> admin doesn't have
> > these skills.  The group security profile is
> likely better on a
> > group-configured kernel.  Mind you might compile
> on your own, but you're
> > at least starting from a better base.
> 
> You make it sound like it was difficult ;-)
> 
> Seriously, building and patching your own kernels is
> rather easy except on the bleeding edge experimental
> kernels.
> 
> -- 
>
------------------------------------------------------
>    Dale Amon     amon@islandone.org   
> +44-7802-188325
>        International linux systems consultancy
>      Hardware & software system design, security
>     and networking, systems programming and Admin
> 	      "Have Laptop, Will Travel"
>
------------------------------------------------------
> 
> 
> -- 
> To UNSUBSCRIBE, email to
> debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> 


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

Reply to:

Follow-Ups:
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Philipp Schulte <pschulte@uni-duisburg.de>

References:
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Dale Amon <amon@vnl.com>

Prev by Date: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Next by Date: Re: chkrootkit and linux 2.6
Previous by thread: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Next by thread: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Index(es):
- Date
- Thread