Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Linus Torvalds requests no more patches be submitted - for now, Security hole fix coming soon

Jan 28, 1999, 00:23 (0 Talkback[s])

Linus Torvalds spoke to the Linux-kernel mailing list:

Guys,
I'm getting my mailbox filled up with new patches, apparently because people believe that I will start applying them again just because 2.2.0 is out. That is NOT so.

2.2.0 may be out, but we're still in "serious bugfixes only" mode - and will be so for all of the 2.2.x series until I open up 2.3.x. I'm not interested in patches unless you can clearly show that the patches fix a _serious_ bug.

Basically, I don't expect to release a 2.2.1 in several weeks, unless something _really_ bad comes up. And even then, 2.2.1 will just be a serious fix release - there is absolutely no point in sending me patches now that you wouldn't have sent for 2.2.0-final.

I'm just deleting any patches I see that are not obvious show-stoppers, and I'm ignoring any bug-reports for anything but 2.2.0 - this means that I'm not interested in reports about 2.2.0ac1 or anything else with any non-standard patches (the only patch I suggest you apply is the "ess" compilation bug, and even that can be worked around by just compiling as a module).

Basically, you have to realize that it takes at least a month for people to really have pounded on 2.2.0, and before it has been seriously tested to find any show-stoppers, I'm not interested in cosmetic fixes (even if they are "real" bugs, they have to have a serious impact on testing basic stability for me to care).

In short: let us find the _real_ problems first. Further development is stopped intil that happens, because I'm NOT willing to have any new interactions until all the old ones are resolved.

Linus


Alan Cox piped up with:

"IMHO the any user can crash the machine by running a core dump fix is a bad bug. I'd like to see a 2.2.1 with just that and the ess fix pair in it (there's another one liner compile fix for the Alpha) - add to sb_ess.c. I don't care that much about the Alpha one liner (sorry Alpha owners)"


Linus' response:

Yes. The bug Ingo found _is_ a show-stopper. But if you actually read my email, you would have seen the "unless there is a showstopper" caveat. It seems we will make a 2.2.1 within days, but it's only going to contain those kinds of fixes.

That doesn't change the basic issue - I'm _not_ interested in anything _but_ showstoppers at this point, and I won't be for a few more weeks.

So, expect a fix for this security bug in a few days. -lt ed