Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow
Eric Rostetter
rostetter at mail.utexas.edu
Sat Jul 3 03:20:40 UTC 2004
Quoting Jesse Keating <jkeating at j2solutions.net>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Friday 02 July 2004 07:14, Dominic Hargreaves wrote:
>> It shouldn't be allowed to delay the release of 35.x. What is the fsync
>> problem, anyway? I can't find any reference to it with a quick google.
>
> No, but the newly announced CVE should delay the release:
Why? Why delay important fixes because of other important fixes which will
need additional QA testing and possible, probably really, delay the whole
process?
In other words:
* Leave the current test kernel alone and available for QA testing.
* Start a new kernel with the new patches, start it in the QA process.
* If the first kernel finishes QA before the second, release it first.
* If the second kernel finishes QA first, release it and kill off the other.
The current kernel keeps getting more and more delayed as we add more
and more patches, which makes it harder and harder to test properly...
Just my opinion, feel free to ignore it.
--
Eric Rostetter
More information about the fedora-legacy-list
mailing list