On Tue, 10 Aug 2004 13:19:22 -0700, Steve Langasek wrote: > > The upgrade-only kernels would be intended solely as an intermediate step > during the upgrade process; users should be encouraged to install kernels > from the main archive as well as part of the upgrade process. As such, we > can probably dispense with security support for the upgrade-i386 kernel > packages if necessary.
If we force it to be intermediate, that's fine (ie, we force 2.4.24 or something upon the user, and then force them to upgrade to the latest 2.4 kernel during the rest of the sarge upgrade). However, merely encouraging a user means we'll probably end up w/ a bunch of users who keep running the intermediate kernels. I wouldn't feel comfortable installing a kernel w/ known security holes on a user's machine; especially during a woody->sarge upgrade, as there's a good chance the machine in question is in a production environment. So the question is, can we force a kernel upgrade from this intermediate kernel? Or even better, can we simply do something similar to what the udeb folks do, and keep this intermediate kernel using the image and modules from the latest proper 2.4 -386 package that's in sarge?