-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/22/2010 08:39 AM, Tom Hendrikx wrote: > Just to verify: if I understand > https://bugs.gentoo.org/show_bug.cgi?id=341801 correctly, a secure > replacement for (stable) hardened-sources-2.6.34-r6 on amd64 will not be > stabilized within a month, as it is awaiting baselayout-2 stabilisation > (offtopic: w00t). Or I'd need to downgrade to 2.6.32.
That is correct. When 2.6.35-r4 is stabilized it will be stabilized for all archs. 2.6.34-r6 was *only* fast track stabilized on amd64 for another local root exploit bug [1]. > > For people running baselayout-2 already, there is no reason not to add > hardened-sources-2.6.35-r4 to package.keywords and upgrade? Correct. Even if you are not using baselayout-2 you can try h-s-2.6.35-r4 and see if you get bit by the dhcp bug. If you don't, I see no reason not to just use it. I didn't feel it was justifiable to fast track stabilization of two h-s kernels. Fast track stabilization is dangerous and in fact, 2.6.34-r6 is an example. It has a bug that probably would have been caught if we could have waiting the required 30 days [2]. PLEASE! Report any bugs in h-s-2.6.32-r22 or h-s-2.6.35-r4 asap so we can address them. Ideally stabilized kernels should be bug free. Ref. [1] http://bugs.gentoo.org/show_bug.cgi?id=337645 [2] http://bugs.gentoo.org/show_bug.cgi?id=338572 - -- Anthony G. Basile, Ph. D. Chair of Information Technology D'Youville College Buffalo, NY 14201 (716) 829-8197 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzBuFYACgkQl5yvQNBFVTVDxgCgkzdK646BGMu8S7gwZ8n1yNen IuUAnRwuBTXqZqN80DRNCmkE+IMtiaZ3 =ht5V -----END PGP SIGNATURE-----
