[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GRUB 2.06 release
From: |
Eli Schwartz |
Subject: |
Re: GRUB 2.06 release |
Date: |
Tue, 20 Oct 2020 15:12:49 -0400 |
On 10/20/20 3:00 PM, Julian Andres Klode wrote:
> On Mon, Oct 19, 2020 at 05:30:41PM +0100, Pete Batard wrote:
>> Just wanted to mention that the 2.06 release (btw, is GRUB jumping straight
>> from 2.04 [1] to 2.06 then?) delay with the BootHole fixes is starting to
>> create some issues as folks (e.g. Rescuezilla) have started to take upon
>> themselves to cherry pick from the BootHole patches and apply them to things
>> like GRUB 2.02, instead of simply upgrading to a new official release, that
>> would include these fixes.
>
> That's a misunderstanding, nobody would upgrade existing OS to 2.06, you
> can't just upgrade the entire bootloader in a stable OS. You'd only
> upgrade the latest in-development version and cherry-pick fixes to old
> releases.
Well, only rolling release distros would.
I'd like to instead propose a third option though. grub could benefit
from a policy to fork off maintenance branches for CVE fixes, and all
distros would upgrade to 2.04.1 (or 2.02.1), then later on a couple of
rolling release distros would upgrade to 2.06 once it is released.
--
Eli Schwartz
Arch Linux Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature