Kernel security update would break ABI
Martin Pitt
martin at piware.de
Fri Dec 3 04:30:30 CST 2004
Hi folks!
We currently have a dilemma regarding a Warty security update of the
kernel.
There is a public vulnerability which affects the Warty kernel. We
have a patch and could upload it any time, but this patch changes the
ABI (Application Binary Interface). This should actually be
unacceptable for a security update, but it is required to close the
hole.
An ABI change has the following consequences:
- This would render d-i unbuildable on a security-patched Warty.
However, according to Colin we can neglect that.
- It breaks compatibility with user-installed modules, which is the
actual headache.
There are two possibilities of handling the module issue:
1. Ignore the ABI change and hope that most of the user installed
modules continue to work (but if they don't, this could cause a
mess).
2. Bump the version number, which renders all user-added modules
unloadable. They have to be recompiled against the new kernel to
work again.
Any thoughts and/or preferences?
Thanks and have a nice day,
Martin
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20041203/35f2eac1/attachment.pgp
More information about the ubuntu-devel
mailing list