Bugs and Releases Numbers

Bugs and Releases Numbers

[Richard B. Tilley (Brad)]

[-- Attachment #1: Type: text/plain, Size: 413 bytes --]

Hello,

How are bug patches worked into the current stable release? For example,
the ext3 file corruption bug in 2.4.20, was that patch worked into the
kernel or will it be included in 2.4.21? I'm confused about the exact
details of this type of thing. If the patch was worked in to 2.4.20, how
can one tell as the release number doesn't/hasn't changed?

Please cc me on replies.

Thank you,

Brad


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]

Re: Bugs and Releases Numbers

[Adrian Bunk]

On Mon, Jan 13, 2003 at 09:53:36AM -0500, Richard B. Tilley  (Brad) wrote:

> Hello,

Hi Richard,

> How are bug patches worked into the current stable release? For example,
> the ext3 file corruption bug in 2.4.20, was that patch worked into the
> kernel or will it be included in 2.4.21? I'm confused about the exact
> details of this type of thing. If the patch was worked in to 2.4.20, how
> can one tell as the release number doesn't/hasn't changed?
>...

the kernel that was released as 2.4.20 will never be changed.

The ext3 problems are fixed in the 2.4.21-pre kernels and the fixed ext3 
code will be in 2.4.21.

> Thank you,
> 
> Brad

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Re: Bugs and Releases Numbers

[Richard B. Tilley (Brad)]

[-- Attachment #1: Type: text/plain, Size: 1644 bytes --]

So, if a major security bug was discovered in stable that impacted many
systems in a very fundamental way, then a patch would be written and
applied right away and a new kernel would be released, no?

If that ever happened, what would become of the patches that had been in
pre? Would they be included in the new kernel too, or not?

On Mon, 2003-01-13 at 10:07, Adrian Bunk wrote:
> On Mon, Jan 13, 2003 at 09:53:36AM -0500, Richard B. Tilley  (Brad) wrote:
> 
> > Hello,
> 
> Hi Richard,
> 
> > How are bug patches worked into the current stable release? For example,
> > the ext3 file corruption bug in 2.4.20, was that patch worked into the
> > kernel or will it be included in 2.4.21? I'm confused about the exact
> > details of this type of thing. If the patch was worked in to 2.4.20, how
> > can one tell as the release number doesn't/hasn't changed?
> >...
> 
> the kernel that was released as 2.4.20 will never be changed.
> 
> The ext3 problems are fixed in the 2.4.21-pre kernels and the fixed ext3 
> code will be in 2.4.21.
> 
> > Thank you,
> > 
> > Brad
> 
> cu
> Adrian
> 
> -- 
> 
>        "Is there not promise of rain?" Ling Tan asked suddenly out
>         of the darkness. There had been need of rain for many days.
>        "Only a promise," Lao Er said.
>                                        Pearl S. Buck - Dragon Seed
> 
-- 
Richard B. Tilley (Brad), System Administrator & Web Developer
Virginia Tech, Office of the University Bursar
Phone: 540.231.6277
Fax: 540.231.3238
Page: 557.0891
Web: http://www.bursar.vt.edu
GPG Key: http://www.bursar.vt.edu/rtilley/pgpkey

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]

Re: Bugs and Releases Numbers

[jw schultz]

On Mon, Jan 13, 2003 at 10:17:22AM -0500, Richard B. Tilley  (Brad) wrote:
> So, if a major security bug was discovered in stable that impacted many
> systems in a very fundamental way, then a patch would be written and
> applied right away and a new kernel would be released, no?

No.  A new kernel need not be released right away.  Patches
would be made available for affected recent releases.
Anyone running self-built downloaded kernels is expected to
be able to patch them when needed.  Distributions would
apply the patch to their trees and make the new kernel
(source and binaries) available through their usual security
update channels.

It simply isn't necessary to rush a release (contrary to the
principles of stable) just because there is a security hole.
Patches are sufficient.  Besides, most sites run the
distribution kernels anyway so they will get the fix through
those channels.


> If that ever happened, what would become of the patches that had been in
> pre? Would they be included in the new kernel too, or not?
> 
> On Mon, 2003-01-13 at 10:07, Adrian Bunk wrote:
> > On Mon, Jan 13, 2003 at 09:53:36AM -0500, Richard B. Tilley  (Brad) wrote:
> > 
> > > Hello,
> > 
> > Hi Richard,
> > 
> > > How are bug patches worked into the current stable release? For example,
> > > the ext3 file corruption bug in 2.4.20, was that patch worked into the
> > > kernel or will it be included in 2.4.21? I'm confused about the exact
> > > details of this type of thing. If the patch was worked in to 2.4.20, how
> > > can one tell as the release number doesn't/hasn't changed?
> > >...
> > 
> > the kernel that was released as 2.4.20 will never be changed.
> > 
> > The ext3 problems are fixed in the 2.4.21-pre kernels and the fixed ext3 
> > code will be in 2.4.21.
> > 
> > > Thank you,
> > > 
> > > Brad
> > 
> > cu
> > Adrian
> > 
> > -- 
> > 
> >        "Is there not promise of rain?" Ling Tan asked suddenly out
> >         of the darkness. There had been need of rain for many days.
> >        "Only a promise," Lao Er said.
> >                                        Pearl S. Buck - Dragon Seed
> > 
> -- 
> Richard B. Tilley (Brad), System Administrator & Web Developer
> Virginia Tech, Office of the University Bursar
> Phone: 540.231.6277
> Fax: 540.231.3238
> Page: 557.0891
> Web: http://www.bursar.vt.edu
> GPG Key: http://www.bursar.vt.edu/rtilley/pgpkey



-- 
________________________________________________________________
	J.W. Schultz            Pegasystems Technologies
	email address:		jw@pegasys.ws

		Remember Cernan and Schmitt

Re: Bugs and Releases Numbers

[Richard B. Tilley (Brad)]

[-- Attachment #1: Type: text/plain, Size: 1253 bytes --]



On Mon, 2003-01-13 at 17:52, jw schultz wrote:

> No.  A new kernel need not be released right away.  Patches
> would be made available for affected recent releases.
> Anyone running self-built downloaded kernels is expected to
> be able to patch them when needed.  Distributions would
> apply the patch to their trees and make the new kernel
> (source and binaries) available through their usual security
> update channels.

It has been my experience that distro kernels come with everything and
then more of everything. Sure, they're mostly modular, but this approach
adds complexity that's unnecessary. So, I normally get kernel.org stable
kernel source and build a non-modular kernel specifically for my
hardware. 

I was just trying to determine how security patches are handle by the
kernel developers, that's all. The idea that people should look to
distros for security is absurd to me, especially if the bug in question
affects the vanilla kernel.
 
> It simply isn't necessary to rush a release (contrary to the
> principles of stable) just because there is a security hole.
> Patches are sufficient.  Besides, most sites run the
> distribution kernels anyway so they will get the fix through
> those channels.


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 232 bytes --]