LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 03-31-2006, 02:24 PM   #1
Nobber
Member
 
Registered: Jun 2002
Location: Nova Scotia
Distribution: Debian (home), Kubuntu 7.04 (work)
Posts: 265

Rep: Reputation: 30
Slackware security updates - for how long?


Does anyone know whether Slackware (i.e. Pat!) has an official policy regarding how long security updates will be provided for a particular version of the distribution? I can't find any info on this anywhere, though presumably I haven't searched hard enough.

I notice that security updates are still being provided for Slackware 8.1 which was released in June 2002 - that's pretty generous! I'm using Slackware 10.1 at the moment and I will almost certainly have upgraded before 10.1 becomes unsupported, but I was just curious when that would be.
 
Old 03-31-2006, 03:56 PM   #2
cwwilson721
Senior Member
 
Registered: Dec 2004
Location: In my house.
Distribution: Ubuntu 10.10 64bit, Slackware 13.1 64-bit
Posts: 2,649
Blog Entries: 1

Rep: Reputation: 66
As far as 'supported' goes, it will be updated/improved/changed for as long as someone has the desire to do so. That's the power of Slackware (and GNU/Linux in general): THERE IS NO ONE CENTRAL MONOLITHIC POWER.

This ain't Windows.

If someone feels like adding/updating, they do. If you need something done that nobody else is doing, figure it out and change it yourself.(Not being 'smart' about it. It's a golden opportunity for you to really learn programming, of which Slackware has a plethora of tools to accomplish that very goal)

Open Source means that anyone can change/modify the programming.(Simplistic, I know, so don't get your keyboard all fired up to bash me on this. Just trying to keep things simple here.) And keep using it.

Heck, I just installed 3.6 on an old P75 to use as a webserver and bash-about box. Slackware is great for that.
 
Old 03-31-2006, 05:00 PM   #3
liquidtenmilion
Member
 
Registered: May 2004
Location: South Carolina
Distribution: Slackware 11.0
Posts: 606

Rep: Reputation: 31
I disagree completely.


Pat ultimately decides what goes into slackware, the community has ultimately no say at all. Sure, they can make suggestions, but chances are they will go unanswered. The community does NO security updates at all, it is entirely up to Pat on when, what, and which versions to upgrade.

And it is all essentially random.
 
Old 03-31-2006, 05:05 PM   #4
cwwilson721
Senior Member
 
Registered: Dec 2004
Location: In my house.
Distribution: Ubuntu 10.10 64bit, Slackware 13.1 64-bit
Posts: 2,649
Blog Entries: 1

Rep: Reputation: 66
You miss my point. While it is true that Pat decides what goes into the ORIGINAL DISTRO, after that, you can do as you wish: Add whatever, subtract whatever, change whatever. The Distro itself is supported by Pat, the individual programs are still up to the individual user.
 
Old 03-31-2006, 05:07 PM   #5
phil.d.g
Senior Member
 
Registered: Oct 2004
Posts: 1,192

Rep: Reputation: 101Reputation: 101
Well, as Pat isn't providing security fixes for Slackware < 8.1, then you can assume that updates to any particular version of slackware will be made for approximately four years after release.

But as has been said, long after Pat stops releasing fixes for a version you can still make your own updates

Last edited by phil.d.g; 03-31-2006 at 05:09 PM.
 
Old 04-01-2006, 06:53 AM   #6
danieldk
Member
 
Registered: Aug 2002
Posts: 150

Rep: Reputation: 15
Some time ago (2002-ish) Pat used to release security updates for the current stable version and one older version (i.e. 7.1 and 8.0, later 8.0 and 8.1). Now he seems to do everything up from 8.1. I guess he has set up a nice build system for building security updates for older versions. We can't complain, 4 years is pretty good. Slack 10.2 is pretty light, so it doesn't hurt to update to 10.2 if you are still running 8.1 . Anyway, if older versions become unsupported, I guess 8.1 will be dropped first, 9.0 later.

Only Pat can give an definite answer to this question.
 
Old 04-01-2006, 09:25 AM   #7
simcox1
Member
 
Registered: Mar 2005
Location: UK
Distribution: Slackware
Posts: 794
Blog Entries: 2

Rep: Reputation: 30
It might be something to do with the kernel version. I don't know what 8.1 uses but if it's the most recent with a 2.2 kernel, that might be why it's kept up-to-date.
 
Old 04-01-2006, 09:29 AM   #8
danieldk
Member
 
Registered: Aug 2002
Posts: 150

Rep: Reputation: 15
IIRC 8.1 used 2.4.18. 8.0 was the last version with a 2.2.x (and 2.4.x) kernel. BTW 8.1 was the first version that uses the new package naming scheme for the main distribution.

Last edited by danieldk; 04-01-2006 at 09:30 AM.
 
Old 04-01-2006, 05:04 PM   #9
Nobber
Member
 
Registered: Jun 2002
Location: Nova Scotia
Distribution: Debian (home), Kubuntu 7.04 (work)
Posts: 265

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by danieldk
Only Pat can give an definite answer to this question.
Looks like I'll have to ask him, then!
 
Old 04-01-2006, 10:01 PM   #10
liquidtenmilion
Member
 
Registered: May 2004
Location: South Carolina
Distribution: Slackware 11.0
Posts: 606

Rep: Reputation: 31
I think it has to do with GCC versions and package naming schemes. Kernel really doesn't matter in security updates, but an up to date GCC is needed to compile most of the newer programs, and 8.1 comes with 2.95 as far as i can remember.


Also note that slackware 8.1 does NOT get every security update that 9.1+ get, simply because a lot of the security updates just will not compile on older versions of slackware.


Pat will essentially provide security updates for as absolutely long as possible. But as i said, if a package cannot compile on older versions, then that program will not get a security update.

In that case, you do NOT get an updated package from pat, and you also can NOT "provide your own security updates" as they won't compile anymore.



In other words, as soon as Pat stops providing some security updates, then you will no longer get security updates at all, not from pat and not from yourself.
 
Old 04-02-2006, 12:14 PM   #11
gargamel
Senior Member
 
Registered: May 2003
Distribution: Slackware, SLAX, OpenSuSE
Posts: 1,629

Rep: Reputation: 142Reputation: 142
Quote:
Originally Posted by Nobber
Looks like I'll have to ask him, then!
That's what I'd suggest.

Not to offend anybody, but some of the answers to your original questions missed the point. Your question was, how long you can expect "official" support by the distributor.

While it is true that you can always apply security patches for individual packages on your own, as Slackware is based on virtually unmodified packages from the original sources, and avoids proprietary vendor patches, it is of course calming and important for production use, when you know that you can count on someone backing you.

BTW, it is not quite true that Pat V. is the only person providing patches for Slackware. He does provide them for many packages, but for some others he collects contributions from other people, assures quality and releases them, as you can read in the Changelog.

Having said that, Pat V. is still the man that makes Slackware something special, as he has a pretty unique feeling or method (not sure, actually) what makes a consistent distribution. I guess we can look forward to things to come, soon... ;-)

gargamel
 
Old 04-02-2006, 12:43 PM   #12
danieldk
Member
 
Registered: Aug 2002
Posts: 150

Rep: Reputation: 15
Quote:
Originally Posted by liquidtenmilion
Also note that slackware 8.1 does NOT get every security update that 9.1+ get, simply because a lot of the security updates just will not compile on older versions of slackware.
Security fixes can often be backported quite easily. This is what Red Hat et al do, and if I recall correctly Pat does this sometimes too.

Quote:
In that case, you do NOT get an updated package from pat, and you also can NOT "provide your own security updates" as they won't compile anymore.
You can, just look up what patch is needed. In the case of buffer overflows, off-by-ones, etc. it is usually patched quite easily.
 
Old 04-03-2006, 12:54 PM   #13
Nobber
Member
 
Registered: Jun 2002
Location: Nova Scotia
Distribution: Debian (home), Kubuntu 7.04 (work)
Posts: 265

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by gargamel
Not to offend anybody, but some of the answers to your original questions missed the point. Your question was, how long you can expect "official" support by the distributor.
I'm glad you said that and not me...

By the way, no response yet from info-AT-slackware.com.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
help with long delayed system updates(?) wooshyFox Debian 1 08-22-2005 08:42 AM
Security Updates Gonto Mandriva 4 04-15-2005 06:40 AM
Need Security Updates........I think. unixfreak Linux - Security 1 08-27-2004 01:30 PM
only security updates rafc Debian 2 06-26-2004 01:27 PM
security updates Tigger Linux - Security 1 09-16-2003 10:38 PM


All times are GMT -5. The time now is 10:07 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration