[CentOS] local root exploit

Tue Feb 12 12:56:15 UTC 2008
Johnny Hughes <johnny at centos.org>

kfx wrote:
> R P Herrold wrote:
>> On Mon, 11 Feb 2008, kfx wrote:
>>
>>> The official patch for debian is out since a couple of hours...
>>> Why does it take so long for RHEL ? Just a question, not a troll or 
>>> something.
>>
>> 1. ask them
> it was a question, not a troll (bis).

However, you are asking the wrong people ... we have no idea.

Also ... it *_IS_* trolling (or at least certainly silly) to post that 
Debian had the patch and RHEL doesn't ... so let's make RHEL be Debian. 
Fedora also has the patch released and RHEL doesn't ... I don't want 
RHEL to be Fedora either.

Maybe you are using the wrong distro ... I want stable kernels on my 
servers, so I'll take the extra day of testing.  For people who do not 
want stable and tested software, switch distros.

>>
>> 2. there have been reports of stability problems with the patch

> you mean that adding a validation of users input in a code lead to 
> stability problem ?

What we mean is this ... once a patch is created upstream it must go 
through several testing phases: to look for regressions, to QA to 
verify it does not cause other problems, to be compared/integrated with 
the other custom patches Red Hat has in its kernel (more than 1000).

It also needs to be tested against the NEWER things that they have 
already created and have in the pipeline for release.

Once they do that they will test it under load on many different 
platforms and THEN they will release it.

As stated earlier in this thread, there *_IS_* still probably going to 
be a performance issue with NFS when they release this kernel ... so we 
might have to figure out how we fix that later (as continuing to use 
2.6.18-53.1.4 is not really a viable option now).

>> -- it does little good to rush out a fix for a non-remote root exploit 
>> that causes boxes to crash.  One assumes some robustness testing is in 
>> play.  I certainly hope so.

Russ's comment is exactly the issue at stake.  They cannot just rush 
this package out the door to potentially break people's machines ... it 
needs to be QA tested and regression tested.  That is what Enterprise 
Linux is about: tested and stable releases.

Rest assured that as soon as the upstream people have a patch, so will 
the CentOS team.  However, we are not going to rush a non-tested patch 
out the door.  There are patches listed on the upstream bug; if you 
(figurative ... meaning anyone who does not want to wait) really want to 
integrate them into your own kernels in the interim, then please do.

Thanks,
Johnny Hughes
