From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 30714 invoked from network); 9 Aug 2004 07:56:58 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 9 Aug 2004 07:56:58 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.34) id 1Bu51d-0004A4-6u for arch-gentoo-dev@lists.gentoo.org; Mon, 09 Aug 2004 07:56:57 +0000 Received: (qmail 13696 invoked by uid 89); 9 Aug 2004 07:56:56 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 30706 invoked from network); 9 Aug 2004 07:56:56 +0000 Date: Mon, 9 Aug 2004 00:56:17 -0700 From: Greg KH To: gentoo-dev@lists.gentoo.org Message-ID: <20040809075617.GF16097@kroah.com> References: <20040808185144.GB29077@mail.lieber.org> <20040809063416.GA13690@kroah.com> <200408090946.06614.pauldv@gentoo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200408090946.06614.pauldv@gentoo.org> User-Agent: Mutt/1.5.6i Subject: Re: [gentoo-dev] GLEP 19, reloaded (again) X-Archives-Salt: 8e95a39f-0605-403d-9e5c-7faac2ce6a71 X-Archives-Hash: 02dd047560cbd3ecd11c868318909793 On Mon, Aug 09, 2004 at 09:46:06AM +0200, Paul de Vrieze wrote: > On Monday 09 August 2004 08:34, Greg KH wrote: > > On Sun, Aug 08, 2004 at 06:51:44PM +0000, Kurt Lieber wrote: > > > Third, many folks want long-term support of these releases. I > > > *don't* think this is viable and am not willing to personally sponsor > > > this. A core component of this GLEP is that we will *not* be > > > backporting security fixes. > > > > So what would happen for security fixes? Rely on the latest release > > from upstream to be used instead? This can cause real problems, as a > > lot of SATA users just found out with the most recent Fedora kernel > > update due to the security fix. They went with the most recent kernel, > > which happened to rename their disk drives. > > Testing is of course necessary. At each time it needs to be considered > whether backporting or upgrading is the best way to go. In many cases > backporting only amounts to isolating the changes to the current ebuild > and applying that patch to the old version. One needs some knowledge of > the programming language used to judge the probable impact but for many > patches one can be quite confident that the impact is minimal. Also realize that we almost always have access to just the security patch that is needed, because this is what other distros do. So it's not usually a case that we need to create the patches ourselves for this. thanks, greg k-h -- gentoo-dev@gentoo.org mailing list