On Fri, Dec 12, 2008 at 08:53:43AM +0000, Marcin Owsiany wrote: > On Thu, Dec 11, 2008 at 12:11:05PM -0700, dann frazier wrote: > > On Thu, Dec 11, 2008 at 06:49:59PM +0000, Dominic Hargreaves wrote: > > > On Thu, Dec 11, 2008 at 11:38:28AM -0700, dann frazier wrote: > > > > Yes - 2.6.18 is in stable, and as such will be security supported for > > > > at least another year. Minor/local DoS security issues in the kernel > > > > are very frequent, so updated packages are constantly in > > > > preparation. Preparing kernel updates is resource intensive so, unless > > > > there's a severe issue, etch users should expect 2.6.18 and 2.6.24 > > > > updates to be staggered. > > > > > > Yup, that's pretty much what I expected to hear; thanks for confirming. > > > > > > May I make a suggestion that you include a comment along these lines in > > > the advisory texts? It would help reassure users that things haven't been > > > forgotten about greatly. > > > > Yes, this has been a FAQ since the release of etchnhalf. I'll see > > about adding something to the text template. Does this look ok? > > > > Debian 'etch' includes linux kernel packages based upon both the > > 2.6.18 and 2.6.24 linux releases. All known security issues are > > carefully tracked against both packages and both packages will > > receive security updates until security support for Debian 'etch' > > ceases. However, given the high frequency at which low-severity > > security issues are discovered in the kernel and the resource > > requirements of doing an update, non-critical 2.6.18 and 2.6.24 > > updates will typically release in a staggered or "leap-frog" > > fashion. > > I'd suggest you add something more explicit, maybe: > > [fashion], that is when higher-severity issues are fixed. > > or something similar.
Well, I don't think that's what I mean. High-severity fixes will release as soon as possible - likely simultaneously. -- dann frazier -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
