OpenVZ Forum


Home » General » Discussions » 028stabXXX is no more security supported - unsupported? Why?
028stabXXX is no more security supported - unsupported? Why? [message #30411] Sat, 24 May 2008 07:22 Go to next message
pva0xd is currently offline  pva0xd
Messages: 24
Registered: February 2008
Junior Member
Hello, guys. It was a big surprise for to find out today that the kernel (028stabXXX) which previously was supported and maintained will not include security updates any more:

http://wiki.openvz.org/w/index.php?title=Download/kernel& ;diff=prev&oldid=5216

For me this means that it became unmaintained, or how can it be maintained if there is no security updates included there (/rhetoric question)??? BTW, OTOH the status tells us that it's stable, maintained:

http://wiki.openvz.org/Download/kernel/2.6.18/028stab053.5


In Gentoo we always used this kernel patchset and as it was always the case that upstream handles all security bugs this kernel was not security supported by our Gentoo team. So few answers on my question really help me to find better solution for Gentoo:

1. Could anybody explain why this change occurred at least without prior notification? And why it was done?

2. Any suggestions on how it's supposed for other (not debian/RH) distributions to proceed? Should we start to start security review of this kernel or should we start using redhat patch?

3. What is the difference between 028stabXXX and 53.1.19.el5.028stabXX?

Thanks in advance.

Report message to a moderator

Re: 028stabXXX is no more security supported - unsupported? Why? [message #30498 is a reply to message #30411] Tue, 27 May 2008 14:11 Go to previous message
TheWiseOne is currently offline  TheWiseOne
Messages: 66
Registered: September 2005
Location: Pennsylvania
Member
1. You should use the RedHat based kernels. This is what will be supported.
2. The difference is the kernel they are based off of and what is actively maintained. I believe the reason for basing off of RedHat kernel is that all the hardening and security update work is already performed by RedHat which offloads work from the OpenVZ developers.

Matt Ayres
TekTonic

Report message to a moderator

Previous Topic: No more announces? Please, send mails there!
Next Topic: live migration- Openvz X Xen
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sat Apr 27 03:49:32 GMT 2024

Total time taken to generate the page: 0.02105 seconds
Powered by FUDforum Powered by Virtuozzo Containers