on 11/28/2008 09:27 PM Nikos Chantziaras wrote the following:
Thanasis wrote:
on 11/28/2008 07:59 PM Nikos Chantziaras wrote the following:
Thanasis wrote:
The question is:
Am I supposed/ should I upgrade when a new source tree becomes stable?
>From a security point of view, you're supposed to upgrade the
kernel as soon as a release is made upstream. When a security fix
is made upstream, the vulnerability in question has been disclosed
and any machines not updated to that version are considered vulnerable.
This means that the package will probably be in ~arch in portage and
not marked stable until it's tested for 30 days or more. So
"unstable" (in portage terms) kernels are more secure then stable
ones simply because they're the latest available.
Hmm...OK, let's see...
[snip long list]
....Which one should I upgrade to? :-\
Latest version of the series you're interested in. If you want a
2.6.25 kernel, pick 2.6.25-r9. If you want a 2.6.27 kernel, pick
2.6.27-r4. Security fixes are always backported, that's why you can
choose a 2.6.25 instead of the latest 2.6.27.
The choice between 2.6.25 and 2.6.27 (or any other) is not question of
security anymore though. Pick the one you need/want/works/etc. (I am
using 2.6.27-r4).
OK. I think you have made your point clear. :-)
Thanks.
