Kernel Compiler missmatches
Kees Cook
kees at ubuntu.com
Tue Feb 17 16:45:42 GMT 2009
On Tue, Feb 17, 2009 at 02:09:36PM +0000, Colin Watson wrote:
> We should certainly take care to avoid this problem in future, but for
> now perhaps it is simpler to push 4.2.4 into -security. However, I'd
> like to have the security team's signoff for that.
I'm a little nervous about gcc-4.2 in hardy (there have been a
lot of changes -- 4 full changelogs since release). However, I am
rather interested in getting intrepid's gcc-4.3 updated in -security.
Given that gcc has extensive regression tests, and that we need to find
a way to fix the compiler skew problem, perhaps we can develop some kind
of additional process for promoting gcc into -security from -updates
(i.e. a longer waiting period or some series of better tests).
Traditionally, we always publish a USN for anything in main that appears in
-security. This is a bit tricky for gcc, since they're all strictly bug
fixes, not security issues. I'm not really sure how to "announce" the
appearance of gcc in -security.
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-devel
mailing list