[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GRUB 2.06 release

From: Pete Batard
Subject: Re: GRUB 2.06 release
Date: Tue, 20 Oct 2020 21:06:26 +0100
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1

Hi Eli,

On 2020.10.20 20:12, Eli Schwartz wrote:
I'd like to instead propose a third option though. grub could benefit
from a policy to fork off maintenance branches for CVE fixes, and all
distros would upgrade to 2.04.1 (or 2.02.1), then later on a couple of
rolling release distros would upgrade to 2.06 once it is released.

That sounds like a good alternative too.

Major vulnerabilities such as BootHole need to see some kind of "emergency" release(s) that focuses solely on addressing them. Whether it's a 2.04.1 or a fast tracking of 2.06 (and then moving the non vulnerability related work into a new 2.07) is up to the maintainers, as it's really the delay of seeing any kind of official release with the vulnerability fixed that is a problem.

Of course, this is easier said than done, but, to be honest, I don't think the apparent decision (at least that's how it looks from an outside perspective) of trying to fold BootHole fixes into the 2.06 release has been for the best...



reply via email to

[Prev in Thread] Current Thread [Next in Thread]