Thanasis wrote:
on 11/28/2008 07:59 PM Nikos Chantziaras wrote the following:
Thanasis wrote:
The question is:
Am I supposed/ should I upgrade when a new source tree becomes stable?
>From a security point of view, you're supposed to upgrade the kernel
as soon as a release is made upstream. When a security fix is made
upstream, the vulnerability in question has been disclosed and any
machines not updated to that version are considered vulnerable.
This means that the package will probably be in ~arch in portage and
not marked stable until it's tested for 30 days or more. So
"unstable" (in portage terms) kernels are more secure then stable ones
simply because they're the latest available.
Hmm...OK, let's see...
[snip long list]
....Which one should I upgrade to? :-\
Latest version of the series you're interested in. If you want a 2.6.25
kernel, pick 2.6.25-r9. If you want a 2.6.27 kernel, pick 2.6.27-r4.
Security fixes are always backported, that's why you can choose a 2.6.25
instead of the latest 2.6.27.
The choice between 2.6.25 and 2.6.27 (or any other) is not question of
security anymore though. Pick the one you need/want/works/etc. (I am
using 2.6.27-r4).
