Patch'es that will (hopefully) be mentioned in 2.4.4..

J. Jones jdj at darkside.dynup.net
Wed Dec 20 11:52:56 PST 2000


>From what I've seen, the GNU guys are usually the one's that fix the bugs,
and leave it up to the distributions to create patches from the cvs
against their 'stable' release.

I've always snagged my security patches from slackware, and occassionally
debian.

On Tue, Dec 19, 2000 at 07:45:17AM -0500, J.A. Neitzel wrote:
> On Monday 18 December 2000 14:47, Jesse Tie Ten Quee wrote:
> > + J.A. Neitzel wrote:
> > > How can we integrate all these patches and even be sure that they
> > > apply to bugs that *exist* in the pristine sources? I am concerned
> > > that all? or some? of the distros have conflicting goals with the
> > > pristine sources of many packages.
> >
> > Aye!
> 
> I was wondering why the GNU people don't maintain a patches area on their 
> ftp server? I would think with all the software FSF/GNU is involved with, 
> the pristine sources at ftp.gnu.org would have security area.
> 
> I'm no programmer, but it seems like everyone under the sun writes 
> patches when exploits appear. What happens to them all? Don't the GNU 
> people get a hold of them and merge them in? Granted, they would have to 
> undo the Distro-specific parts...
> -- 
> Regards,
> J.A. Neitzel
> aka Jeff
> 
> 





More information about the lfs-security mailing list