Mailinglist Archive: opensuse-security (8 mails)

< Previous Next >
[opensuse-security] Re: [opensuse-kernel] Security updates for 13.2
Hi Marcus,

Am 11.07.2015 um 12:13 schrieb Marcus Meissner:
On Sat, Jul 11, 2015 at 12:08:07PM +0200, Stefan Seyfried wrote:
What is the advised way to keep a 13.2 installation secure?
Or do all those problems of older and newer mainline kernels not affect
the openSUSE kenrel?

The current kernel security issues are not really critical issues,
so we collect them for a while before releasing newer updates.

But if someone (you) is asking, it is probably an idea to run a collected
update again.

Well, my assessment came from Greg K-H's words: "everyone using 4.0 must
upgrade" (and similar), which usually points to fixed security bugs.

If the conclusion is "those are not critical issues for openSUSE
kernels" (which might be the case because e.g. an affected driver is not
even compiled), an announcement from time to time detailing this on
opensuse-security-announce would probably help :-)

"Yes, we know that lots of upstream kernels have been released since we
last updated distribution kernels for A.B and B.C. Issues fixed upstream
include XXX, YYY and ZZZ. Those do not warrant to release openSUSE
kernels because XXX is affecting a driver that's not even built, YYY is
a low-importance local denial of service and ZZZ...", stuff like that :-)

Personally I am not really interested in regular reboots due to kernel
updates, so that would really be more than good enough for me.

Thanks
--
Stefan Seyfried

"For a successful technology, reality must take precedence over
public relations, for nature cannot be fooled." -- Richard Feynman
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups