Re: Which version of 2.6.11 is most stable

From: Rob Landley
Date: Fri Nov 11 2005 - 22:55:01 EST

Next message: Adrian Bunk: "drivers/video/nvidia/ compile error with PPC_OF=y, FB_OF=n"
Previous message: Grant Coady: "[PATCH] Silence cpufreq warning for UP"
Next in thread: Adrian Bunk: "Re: Which version of 2.6.11 is most stable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday 07 November 2005 05:51, Adrian Bunk wrote:
> On Mon, Nov 07, 2005 at 03:38:13PM +0530, Mukund JB. wrote:
> > Dear All,
> >
> > I am in the phase of development of a Linux BSP for 2.6.11 kernel.
> > Which version of 2.6.11 kernel can be called best stable? In general
> > where do i get this king of info? I serched in the www.lwn.net but i
> > failed to get the required info.
>
> The latest, IOW 2.6.11.12 .
>
> But note that the 2.6.11 branch is no longer maintained since kernel
> 2.6.12 was released 5 months ago, and therefore lacks e.g. current
> security fixes.

One question I've wondered about for a bit...

The diff between each dot release (ala 2.6.12.0->2.6.12.1) can theoretically
be backported to an older kernel. So in theory, at least some of the new
security fixes can be applied to older kernels. (Yeah, this necessarily
complete. Whether or not the patch makes any sense at all in the older
context, and whether or not that's everything they need to do... That's a
seperate issue. It allows some minimal, relatively straightforward
maintenance to be done on systems that are stuck with older kernels by
management fiat.

The gap is the jump to the next major release. Suppose that 2.6.15 makes it
up to 2.6.15.10, and then 2.6.16 comes out. Are there any security fixes in
2.6.16 that weren't in 2.6.15.10? Fixes which would have been in a 2.6.15.11
if the next big release had been delayed another two weeks?

>From a practical standpoint, somebody stuck on 2.6.15 for another six months
is likely to at least try to apply the next security update (the diff between
2.6.16->2.6.16.1) to their old kernel, but are they missing a week or two's
worth of security fixes?

I'm trying to clarify what my question is: When a new stable kernel comes
out, do the dot-release guys do one more release of security-only fixes to
patch all the known vulnerabilities that the new one addressed before moving
on? Or do they just leave a gap and say "upgrade"?

Rob
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adrian Bunk: "drivers/video/nvidia/ compile error with PPC_OF=y, FB_OF=n"
Previous message: Grant Coady: "[PATCH] Silence cpufreq warning for UP"
Next in thread: Adrian Bunk: "Re: Which version of 2.6.11 is most stable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]