Re: Debian Kernel security status?
On Thu, Apr 20, 2006 at 04:18:28PM +0200, Jan Luehr wrote:
> Well, looking back at woody, kernel updates appear infrequently and not that
> often. I can remeber that we asked for a kernel-update but nothing came
> around.
I can't speak for the stable security team; but I suspect it was a
lack of resources. The kernel story in woody was a mess - 10
kernel-source packages, plus at least two architectures that included
their own source. Sarge is a lot more sane (2 kernel-source
packages), and etch is looking like it will be even more manageable (1
source package with autobuildable images).
> Btw. Why do a lot of DSAs care about oldstable, while kernel-updates avoid
> woody?
We've prepared updates for oldstable:
http://wiki.debian.org/DebianKernelWoodyUpdateStatus
Though there were problems with these getting uploaded - I'm not sure
what the current status of this is. I also haven't heard any feedback
from users about woody updates - I can only assume that there are not
many security-concerned users running woody kernels these days, or
they just don't read d-d-a/planet... or they just remain silent.
Note that woody security support ends next month, so there probably
won't be anything beyond this update.
--
dann frazier
Reply to: