Re: DSA 438 - bad server time, bad kernel version or information delayed?
Florian Weimer <fw@deneb.enyo.de> writes:
> Otavio Salvador wrote:
>
>> If we provide an i386 image to fix a vulnerability and the same is
>> found in other arch, then, someone can try to explore this. We need
>> release all affected at same time to solve this.
>
> But Debian doesn't do this any longer. Do you really think Red Hat,
> SuSE and all the others (including the majority of Debian users on x86)
> should wait because Debian can't backport a security fix to, say, kernel
> 2.4.18 on the s390 architecture?
If the time between is small, IMHO, yes. Of course, on major archs
(i386, powerpc, I think) this should be release at same time.
--
O T A V I O S A L V A D O R
---------------------------------------------
E-mail: otavio@debian.org UIN: 5906116
GNU/Linux User: 239058 GPG ID: 49A5F855
Home Page: http://www.freedom.ind.br/otavio
---------------------------------------------
Reply to: