|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Valdis.Kletnieks
vt.edu
Date: Tue Sep 02 2008 - 11:05:31 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 02 Sep 2008 17:17:43 +0800, Pavel Labushev said:
> "SECURITY PATCH tag on a fix" helps me to know that there is the problem
> and I must consider the patch, check its correctness and maybe
> test/backport/apply it to my production systems ASAP. Just as another
> tags helps me to know that there are realiability and other issues I
> must care about.
OK, now s/security patch/silent data corruption/ and tell me what's *actually*
different.
Wow, you still need to consider it, check it, test it, and deploy it.
Unless of course you don't give a shit about your data. But in that case,
the security patch can probably be overlooked too.
That's Linus's point - if the patch is important enough to go into one of
the -stable tree kernels, it's probably something you want to install, whether
or not it's a security patch.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFIvWRLcC3lWbTT17ARAtD0AKCIoKcY3lLQlf95FXzPK2Y8Am1gcQCfZHYa
T1KcHA+mOYkMFpUFLo+3KEY=
=bCG5
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]