[Full-disclosure] Port Randomization: New revision of our IETF Internet-Draft

[Valdis.Kletnieks at vt.edu]

On Tue, 02 Sep 2008 17:17:43 +0800, Pavel Labushev said:

> "SECURITY PATCH tag on a fix" helps me to know that there is the problem 
> and I must consider the patch, check its correctness and maybe 
> test/backport/apply it to my production systems ASAP. Just as another 
> tags helps me to know that there are realiability and other issues I 
> must care about.

OK, now s/security patch/silent data corruption/ and tell me what's *actually*
different.

Wow, you still need to consider it, check it, test it, and deploy it.

Unless of course you don't give a shit about your data.  But in that case,
the security patch can probably be overlooked too.

That's Linus's point - if the patch is important enough to go into one of
the -stable tree kernels, it's probably something you want to install, whether
or not it's a security patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080902/96656963/attachment.bin