Hello, Am Donnerstag, 20. April 2006 09:28 schrieb Moritz Muehlenhoff: > Jan Luehr wrote: > > Therefore I suspect, that the debian kernel do have some security flaws, > > fixed in mainline kernel months ago. Am I wrong here? > > The current Sarge kernels have everything fixed (except some issues, which > were intentionally ignored). Since then a few new vulnerabilities have > piled up, but all of them are only minor (local) DoS vulnerabilities (which > many vendors don't fix at all, BTW) or information leaks.
Well, that sounds good. > The Sarge kernel build system doesn't allow weekly kernel updates for minor > issues, this will become better only with Etch, when kernels can be auto > built. Well, looking back at woody, kernel updates appear infrequently and not that often. I can remeber that we asked for a kernel-update but nothing came around. Btw. Why do a lot of DSAs care about oldstable, while kernel-updates avoid woody? > Unless something grave creeps out before, the next Sarge update will be > prepared during DebConf. > > > - I can say goodbye to linux and use Debian/kBSD > > Which has no security support at all, great idea. Of course you are right here, but for the moment I'm looking for a way to keep my systems safe. Following the 2.6.patchlevel.dowereallyneedanotherpatchlevel line is rather i extensive. Keep smiling yanosz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
