On Tue, May 02, 2006 at 11:44:43PM +0100, Ken Moffat wrote:
> If I'm reading you correctly, that is a pity. 2.6.16.13 is out now
> with one fix:
>
> NETFILTER: SCTP conntrack: fix infinite loop (CVE-2006-1527)
>
> I still say that while the -stable team is updating the kernel
> version we have in the book, it should be a no-brainer to use their
> fixes.

It is a no-brainer. The problem is in that they don't seem to do much testing. They spit out versions left and right instead of slowing down a bit, doing some testing, and then releasing. Obviously some like the new release method because they are doing it that way. I happen to not like it because we are about to release a book that once released will be static? How long should a book editor have to follow a kernel branch just to keep the errata page up to date? And what qualifies as errata? Obviously security fixes, but what else? Everything?

Once this book is released, how many regular lfs-dev readers will still track 2.6.16 when the latest and greatest is 2.6.17 or higher? We can't simply assume that slapping a new kernel onto an old host will work, especially with non-static device nodes. When will the next incompatible change happen in udev?

Of course, if you are volunteering to track the kernel changes in released books and keep the errata up to date, that would be welcomed. ;)

--
Archaic

Want control, education, and security from your operating system?
Hardened Linux From Scratch
http://www.linuxfromscratch.org/hlfs