[linux-elitists] Laptop that doesn't suck?

Greg KH greg@kroah.com
Fri Jan 23 18:19:08 PST 2004


On Fri, Jan 23, 2004 at 05:24:41PM -0800, Teh Entar-Nick wrote:
> begin  Greg KH  quotation:
> > 
> > 2.4.18 has so many security holes, and is so old...  that's just
> > scary...
> 
> Here's the top two changelog entries for the debian package:
> > kernel-image-2.4.18-1-i386 (2.4.18-12.1) stable-security; urgency=high
> >  
> >   * Non-maintainer upload by the Security Team
> >   * Built against kernel kernel-source-2.4.18-2.4.18-14.1
> >     - Applied patch by Andrea Arcangeli to fix local privilege escalation
> >       discovered by Paul Starzetz (CAN-2003-0985)
> >  
> >  -- Martin Schulze <joey@infodrom.org>  Mon,  5 Jan 2004 16:37:09 +0100
> >  
> > kernel-image-2.4.18-1-i386 (2.4.18-12) stable-security; urgency=high
> >  
> >   * Rebuilt against kernel-source 2.4.18-14.
> >     . Added TASK_SIZE check to do_brk in mm/mmap.c.
> >  
> >  -- Herbert Xu <herbert@debian.org>  Sat, 29 Nov 2003 10:11:02 +1100
> 
> Still scared?

Very much so.  Nothing like backporting fixes to a kernel base that is
almost 2 years old (looks like 2.4.18 came out in Feb 2002) to cause
major headaches.

And saying that Linux doesn't support new devices, yet continuing to run
such an old kernel gets no sympathy from me.  What do people expect,
developers to have time machines?

Bah.

greg k-h



More information about the linux-elitists mailing list