From: Rob Landley <rob@landley.net>
To: Adrian Bunk <bunk@stusta.de>
Cc: "Mukund JB." <mukundjb@esntechnologies.co.in>,
linux-kernel@vger.kernel.org
Subject: Re: Which version of 2.6.11 is most stable
Date: Fri, 11 Nov 2005 21:49:08 -0600 [thread overview]
Message-ID: <200511112149.08324.rob@landley.net> (raw)
In-Reply-To: <20051107115131.GD3847@stusta.de>
On Monday 07 November 2005 05:51, Adrian Bunk wrote:
> On Mon, Nov 07, 2005 at 03:38:13PM +0530, Mukund JB. wrote:
> > Dear All,
> >
> > I am in the phase of development of a Linux BSP for 2.6.11 kernel.
> > Which version of 2.6.11 kernel can be called best stable? In general
> > where do i get this king of info? I serched in the www.lwn.net but i
> > failed to get the required info.
>
> The latest, IOW 2.6.11.12 .
>
> But note that the 2.6.11 branch is no longer maintained since kernel
> 2.6.12 was released 5 months ago, and therefore lacks e.g. current
> security fixes.
One question I've wondered about for a bit...
The diff between each dot release (ala 2.6.12.0->2.6.12.1) can theoretically
be backported to an older kernel. So in theory, at least some of the new
security fixes can be applied to older kernels. (Yeah, this necessarily
complete. Whether or not the patch makes any sense at all in the older
context, and whether or not that's everything they need to do... That's a
seperate issue. It allows some minimal, relatively straightforward
maintenance to be done on systems that are stuck with older kernels by
management fiat.
The gap is the jump to the next major release. Suppose that 2.6.15 makes it
up to 2.6.15.10, and then 2.6.16 comes out. Are there any security fixes in
2.6.16 that weren't in 2.6.15.10? Fixes which would have been in a 2.6.15.11
if the next big release had been delayed another two weeks?
>From a practical standpoint, somebody stuck on 2.6.15 for another six months
is likely to at least try to apply the next security update (the diff between
2.6.16->2.6.16.1) to their old kernel, but are they missing a week or two's
worth of security fixes?
I'm trying to clarify what my question is: When a new stable kernel comes
out, do the dot-release guys do one more release of security-only fixes to
patch all the known vulnerabilities that the new one addressed before moving
on? Or do they just leave a gap and say "upgrade"?
Rob
next prev parent reply other threads:[~2005-11-12 3:51 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-07 10:08 Which version of 2.6.11 is most stable Mukund JB.
2005-11-07 11:51 ` Adrian Bunk
2005-11-12 3:49 ` Rob Landley [this message]
2005-11-12 4:32 ` Adrian Bunk
-- strict thread matches above, loose matches on Subject: below --
2005-11-07 13:08 Mukund JB.
2005-11-07 13:37 ` Paolo Ciarrocchi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200511112149.08324.rob@landley.net \
--to=rob@landley.net \
--cc=bunk@stusta.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mukundjb@esntechnologies.co.in \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox