No, but at the same time lets not try to force the thought down the user's throat that they must run every errata kernel that comes out. Quite often an errata kernel will come out that only touches on a security flaw in a section of the kernel that isn't used by the majority of the userbase. There is no sense in updating the kernel if the errata doesn't apply to you. The practice we should preach is reading the errata notices and the changes and see if the new update is really necessary for your implementation. Starts to make more sense when you have a change control board you have to ok every update through, and have to show real cause to do the upgrade.Servers are one thing - but if my desktop is having trouble burning CDS and the new errata kernel has fixes for that, I'm going to update it - and something as ancient as 2.4.20-8 has quite a few issues which have been addressd in 2.4.20-19.
Any errata kernel that fixes a remote exploit should be given top priority on an internet-connected system.
I wonder how Alan Cox would weigh in on this issue...
Best Regards,
Joe
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
