Whither Fedora Legacy?
Whither Fedora Legacy?
Posted Jan 20, 2005 14:57 UTC (Thu) by garloff (subscriber, #319)Parent article: Whither Fedora Legacy?
Fixing a security problem by just updating to a newer version often is
the easiest and quickest that a distributor can do.
And some users will appreciate to get version updates this way.
However, there are serious downsides:
* The newer version may behave differently in subtle or less subtle
ways.
* If the package contains libraries ... that other packages depend on,
updating to newer versions may introduce breakage at various hard-to
determine places.
This means that these version updates will worsen the quality and
consistency of the distribution over time. But then, a year of security
updates is not much anyways.
If you plan to keep a distro running for a while, you may well want to
chose a distro that does avoid version updates as security patches.
Posted Jan 21, 2005 0:02 UTC (Fri)
by giraffedata (guest, #1954)
[Link]
Version upgrades of major pieces of my system, such as the kernel, are too destabilizing for me, so when I need a security fix, I try to find just the security fix and apply it myself. But I've had a rather hard time finding them, particularly for the Linux kernel. There are copious web sites reporting security flaws and pointing you to a version upgrade that fixes it, but they don't usually have the actual fix.
If anyone knows where one can find individual kernel security fixes, please post.
Plus, the new version may have bugs, including security ones.
Fix by version upgrade