Stable kernel updates
Stable kernel updates
Posted Aug 13, 2010 23:24 UTC (Fri) by spender (guest, #23067)Parent article: Stable kernel updates
see: 52423b90e1f5b1bdbbcc6e32f4d37ada29b790c4
CVE to vulnerability ratio is currently 0.
How can anyone seriously trust the vendor kernels when upstream won't be honest about the changes they're committing? If you're not using the latest kernel.org kernel, you're only getting a fraction of the vulnerability fixes that should be backported.
-Brad
Posted Aug 14, 2010 15:47 UTC (Sat)
by mikachu (guest, #5333)
[Link] (2 responses)
Posted Aug 14, 2010 18:39 UTC (Sat)
by spender (guest, #23067)
[Link] (1 responses)
The community reached consensus over a year ago that this is perfectly acceptable, why do you have a problem with it?
-Brad
Posted Aug 14, 2010 19:44 UTC (Sat)
by nix (subscriber, #2304)
[Link]
(Of course, maybe it's simply unacceptable except *if* it's you. I don't believe you changed your mind, because you still make such a bloody noise in the LWN comments to virtually every stable kernel release, in an apparent effort to eliminate all collegiality whatsoever from the commenting here and make it all viciously adversarial. Thanks heaps.)
Posted Aug 19, 2010 21:28 UTC (Thu)
by chad.netzer (subscriber, #4257)
[Link]
It would be nice to have this statement either validated, or refuted. Which vendors are vulnerable because they have not backported a vulnerability fix, because it isn't disclosed as such in the commit log? It must be many if only "a fraction" of such commits are backported.
Stable kernel updates
Stable kernel updates
If it's not good enough you can pay for Enterprise Linux (tm) support where we'll pay someone to assume my responsibility.
Stable kernel updates
Stable kernel updates