Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
do_brk - kernel update?
  • From: Markus Gaugusch <markus@xxxxxxxxxxx>
  • Date: Thu, 4 Dec 2003 11:25:31 +0100 (CET)
  • Message-id: <Pine.LNX.4.58.0312041117480.1791@xxxxxxxxxxxxxxxxxx>
Dear SuSE Security Team!
I know that you are working hard, but today I read a posting on
www.linux-community.de (german linux forum), where they noted that all
major distributors [except SuSE!] have published a kernel update. This
posting is 2 days old!
It makes me a little bit sad, because I'm really a SuSE fan, but the speed
of the security team is in some cases not the best (from my experience:
especially with kernels). I know the strategy, that only old versions get
fixed. Why can't you (in such a severe case) just get the original kernel
source, compile it, make a binary diff with the one on the distribution
(to be sure), patch it, and get it out?
I'm very sure, that the next kernel update will address more issues. But
if those issues need testing that slows down security fixes, I'm a bit
unsure about your strategy.

Markus
PS: I've seen that the update kernel on 9.0 contains stack overflow
protection - I've been waiting for that for Years! But at least it is
there now :-))

--
__________________ /"\
Markus Gaugusch \ / ASCII Ribbon Campaign
markus@xxxxxxxxxxx X Against HTML Mail
/ \

< Previous Next >
Follow Ups