
I don't know what you don't understand: EVERY single kernel fixes a few vulnerabilities. If you lazily refuse to update because none of those say "hint: there is a vulnerability here", then you are taking the deliberate action of skipping some security fixes. Greg's announcements always say "all users must upgrade". If there was sometimes a different signal such as "all users must really really really upgrade", then for sure you would simply skip all other ones, as it already seems like you're waiting for a lot of noise before deciding to apply due fixes, and you would remain vulnerable to plenty of other vulns for much longer.

Here the goal was to make sure that all those who correctly do their job are fixed in time. And they were. Those who blatantly ignore fixes... there's nothing that can be done for them.



So you update your kernel for every single commit as soon as it's merged in? If not, you already obviously understand how ridiculous your argument is.

I've already explained that most people have some sort of cadence for updating.

Based on your other comments you're just going to ignorantly parrot Greg's talking points. I don't think you have much insight into this.


> I don't think you have much insight into this.

I don't think you know who wtarreau is.


I obviously am very comfortable disagreeing with people who work on the kernel or adjacent software. Working in those areas does not at all make them correct, or even informed, especially with regard to security.



