On 23 Jun 2005, you wrote in lfs.book:

> [EMAIL PROTECTED] wrote:
>> Version increment (2.6.12.1) - two security fixes in this one.
>
> Bad. Does this mean that all 2.6.11.x kernels are vulnerable? Given the

Not necessarily. If the issues (which I haven't looked at yet) have been introduced into 2.6.12 through new code\features, 2.6.11.x won't be affected. That said, there will not be any more 2.6.11.x releases, as per the guidelines for the 2.6.x.y release series, so any newly discovered security problems that do affect 2.6.11 will *not* be fixed in a new 2.6.11.x release.

> frequency with which kernel security issues are being found, does it
> make any sense to refer to any fixed kernel version in the stable book?

We have to pick a point in time for the stable releases - changes in kernel internals may result in known working components breaking. This is true for all the software LFS tracks, although the kernel is probably the most rapidly changing target.

What we need is an errata system for stable releases, so we can add such information after a release is made. One of the issues that will need to be discussed if an errata mechanism is followed is how far back errata will be tracked (i.e. do we provide errata for much older releases, i.e. LFS 5.0) - I would suggest we only provide errata for the current stable release, and have a section in the LFS book (perhaps at the end) describing the changing software world, and perhaps recommending some resources the user can access to track security and functionality issues.

--
Steve Crosby
