[Buildroot] [PATCH] glibc: bump default to version 2.23
Peter Korsgaard
peter at korsgaard.com
Mon Jun 27 20:00:16 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
Hi,
> Hi.
> My $.02: Ubuntu 16.04 LTS is on 2.23.
> In general we haven't seen big regressions with glibc upgrades
> compared to binutils/gcc.
Ok, good.
> Also, and don't take this as cockyness, i'm like the only one (except
> for Bernd one time) putting out security patches for glibc.
> Currently my spare time is pretty thin, and backporting patches for
> two versions of glibc and testing them is much more work than a single
> version.
> If we default to n-1 this means carrying on more patches since
> generally n-1 has more vulnerabilities than n when talking about
> glibc.
Yes, you do send a lot of package updates (security related or not) -
Thanks for that, much appreciated.
> If in consequence i only post patches for n and we default to n-1,
> well, that sucks plain and simple, since we would be shipping
> known-vulnerable by default, and how many users will bother to switch
> to latest glibc?
> Regards.
Ok, I'm convinced - Committed, thanks.
--
Venlig hilsen,
Peter Korsgaard
More information about the buildroot
mailing list