Re: Debian Kernel security status?

To: debian-security@lists.debian.org
Subject: Re: Debian Kernel security status?
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 20 Apr 2006 09:28:13 +0200
Message-id: <[🔎] slrne4ee0d.6hf.jmm@inutil.org>
References: <[🔎] 200604191650.27807.listen@stephan.homeunix.net>

Jan Luehr wrote:
> Therefore I suspect, that the debian kernel do have some security flaws, fixed 
> in mainline kernel months ago. Am I wrong here?

The current Sarge kernels have everything fixed (except some issues, which
were intentionally ignored). Since then a few new vulnerabilities have piled
up, but all of them are only minor (local) DoS vulnerabilities (which many vendors
don't fix at all, BTW) or information leaks.

The Sarge kernel build system doesn't allow weekly kernel updates for minor
issues, this will become better only with Etch, when kernels can be auto built.

Unless something grave creeps out before, the next Sarge update will be prepared
during DebConf. 

> - I can say goodbye to linux and use Debian/kBSD

Which has no security support at all, great idea.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: Debian Kernel security status?
  - From: Jan Luehr <listen@stephan.homeunix.net>

References:
- Debian Kernel security status?
  - From: Jan Luehr <listen@stephan.homeunix.net>

Prev by Date: Re: Security status of mozilla-* packages
Next by Date: Re: Security status of mozilla-* packages
Previous by thread: Re: Debian Kernel security status?
Next by thread: Re: Debian Kernel security status?
Index(es):
- Date
- Thread