--On April 19, 2006 4:50:27 PM +0200 Jan Luehr <[EMAIL PROTECTED]> wrote:
Hello,
looking at the recent vanilla changes, there seems to be a rather rapid development at the moment ;-) and I've to confess that I lost the overview of what sec-holes do affect Debian and which don't.
I was frightened recently, then I noticed that 2.4.27 was fixing some CVE-2004 stuff over a month ago as well as 2.6. Just take a look at CVE-2004-1017. It was fixed in Red Hat in January 2005 and fixed in Debian in March 2006. Therefore I suspect that the Debian kernel does have some security flaws fixed in the mainline kernel months ago. Am I wrong here?
This takes me to a difficult point:
- I can run 2.4 on my servers, which is considered to be deprecated for etch.
- I can use the Debian kernels and risk being compromised.
- I can say goodbye to Linux and use Debian/kBSD.
- I can use my own vanilla builds, building a new kernel every day. (Looking at the amount of patches since April 12th.)
Anyway, what do you recommend? And is there any public status / shape information on the Debian kernels?
Increasingly 2.6 is unsuitable for production use due to its huge amount of change and lack of stable tree. There was a decision to do away with the old split development/odd numbered development model sometime after about 2.6.11 so all hope of a stable 2.6 series is gone.