Patch'es that will (hopefully) be mentioned in 2.4.4..

J.A. Neitzel jan.listbox at belvento.org
Mon Dec 18 11:34:33 PST 2000


On Friday 15 December 2000 12:03, Jesse Tie Ten Quee wrote:
> Ed - http://www.debian.org/security/2000/20001129
> Glibc - http://www.debian.org/security/2000/20000902
>
> After looking at Debian's Security repository it started to make me
> wonder at such packages like modutils and make that were listed...
>
> Not just that, but most of the patch'es provided by Distro's are
> specific to it, adding all there "extra" features, there doesn't seem
> to be a simple patch from the pristine sources for ed, glibc, etc...
> makes me wonder the point of general linux security ;)

I wonder too. :-/

I know that some distros suck at getting patches back to the maintainers. 
Example: RedHat and some flags they added to ModUtils that the maintainer 
said he did not like and were *not* necessary. I think this was mentioned 
on the Kernel Traffi(c|k) list..?

How can we integrate all these patches and even be sure that they apply 
to bugs that *exist* in the pristine sources? I am concerned that all? or 
some? of the distros have conflicting goals with the pristine sources of 
many packages.

> *mumbles away and wonders if anyone knows what he is asking*

Hee Hee, of course we do... Or, I do anyway. There must be a lot of 
people out there with similar questions / concerns.

BTW, I don't mean to knock the Distros. w/o em, where would I have 
begun..? And I do like the tar patch (aka the -y flag, or -I, in the case 
of RedHat)! =o)
-- 
Regards,
J.A. Neitzel
aka Jeff





More information about the lfs-security mailing list