martin f krafft wrote: >also sprach Matthew Garrett <[EMAIL PROTECTED]> [2003.09.21.1= >614 +0200]: >> Should we stop shipping security fixes backported from development >> code? > >It always depends, doesn't it? We are backporting *security* fixes >to packages, but we take care not to introduce new features. I don't >oppose some small modifications to the kernel, fixes and security >backports, but including a 2.5 IPsec stack in 2.4.21 is kinda not in >accordance with that policy, now is it?
It would be inappropriate to do it within a stable release, sure, but it is something that Debian do do in general. In this case it's a chunk of code that has almost nothing to do with the core kernel code - it just so happens that in the pathological case of a kernel patch, there's some awkwardness. That's an indication that our kernel patching system should be rationalised, not that shipping modified kernels is wrong. -- Matthew Garrett | [EMAIL PROTECTED]