From: Nagy Gabor Peter <linux42@freemail.hu>
To: gentoo-hardened@lists.gentoo.org
Subject: [gentoo-hardened] security updates
Date: Sat, 10 Feb 2007 17:02:38 +0100
Message-ID: <20070210160237.GB5317@swordfish.capgemini.hu>

Hi list,

I have a question:
Since I am new to Gentoo, I don't know how security updates work.

I know Debian. In Debian if I have stable installed on a production
server, I get regular security fixes, often backported from the current
bleeding edge version, where upstream has fixed the bug, to the version
that Debian stable contains.

I have noticed that in Gentoo there are many versions of a package that
are considered stable. Take glibc as an example: according to
http://packages.gentoo.org/search/?sstring=glibc, on x86 there are 8
versions available, all of them stable.

I have now two Gentoo machines, one is going to be production, the
other is used to get me a little bit more familiar with the system.

On the playground machine I have 2006.1 installed, glibc 2.4-r3.
On the production machine I have 2006.0, switched to hardened profile,
and then recompiled; there I have glibc 2.3.6-r5.

I see now that glibc 2.4-r3 should be upgraded to 2.4-r4 (by the way,
where can I check the differences (Changelog) between two Gentoo
versions (like r3 and r4)?)

So my question: If someone finds a bug in glibc that gets corrected,
what do the Gentoo maintainers do about it? Do they backport the fix
in all 8 versions? Or just in some of the versions and mark the not
fixed ones ~?

Is there some mailing list (like debian-security-announce) where such
security fixes are announced?

What is the reason that the hardened profile selects the 2.3.6 version
instead of the 2.4? I mean not in glibc's case only, but generally.
Does libc 2.4 have troubles with SSP?

Cheers,
G
--
gentoo-hardened@gentoo.org mailing list