Hi Marcus, Am 11.07.2015 um 12:13 schrieb Marcus Meissner:
On Sat, Jul 11, 2015 at 12:08:07PM +0200, Stefan Seyfried wrote:
What is the advised way to keep a 13.2 installation secure? Or do all those problems of older and newer mainline kernels not affect the openSUSE kenrel?
The current kernel security issues are not really critical issues, so we collect them for a while before releasing newer updates.
But if someone (you) is asking, it is probably an idea to run a collected update again.
Well, my assessment came from Greg K-H's words: "everyone using 4.0 must upgrade" (and similar), which usually points to fixed security bugs. If the conclusion is "those are not critical issues for openSUSE kernels" (which might be the case because e.g. an affected driver is not even compiled), an announcement from time to time detailing this on opensuse-security-announce would probably help :-) "Yes, we know that lots of upstream kernels have been released since we last updated distribution kernels for A.B and B.C. Issues fixed upstream include XXX, YYY and ZZZ. Those do not warrant to release openSUSE kernels because XXX is affecting a driver that's not even built, YYY is a low-importance local denial of service and ZZZ...", stuff like that :-) Personally I am not really interested in regular reboots due to kernel updates, so that would really be more than good enough for me. Thanks -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org