Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux 4.3 Reached End of Life; Users Need To Move To Linux 4.4

Posted by timothy on from the last-stop-folks dept.

prisoninmate writes: As some of you may know, Linux 4.3 was not an LTS (Long Term Support) release, so the last maintenance build is now Linux kernel 4.3.6, as announced earlier by Greg Kroah-Hartman, a renowned kernel developer and maintainer. While he's telling users of the Linux 4.3 series to update to the 4.3.6 point release, he also urges them, especially OS vendors, to move to the most advanced stable series, in this case, Linux kernel 4.4 LTS, which just received its second point release the other day. However, it appears that Linux kernel 4.3.6 is quite an update, as it changes a total of 197 files, with 2310 insertions and 963 deletions, bringing some much-needed improvements.

48 of 111 comments (clear)

  1. 4.x ? by Anonymous Coward · · Score: 3, Funny

    Forget 4.3.x vs 4.4.x - I'm still on 2.6.x you insensitive penguins!

    1. Re:4.x ? by Anonymous Coward · · Score: 5, Funny

      You must be running Debian unstable?

    2. Re:4.x ? by NotInHere · · Score: 1

      +1 funny

    3. Re:4.x ? by ls671 · · Score: 1

      Hey man, don't make fun of me! I am still on 2.6 on most machines, 3.2 on more recent machines...

      $ uname -a
      Linux XXX 2.6.30.5 #4 SMP PREEMPT Sun Dec 29 21:46:53 EST 2013 i686 unknown unknown GNU/Linux

      $ uname -a
      Linux XXX 3.2.45 #1 SMP Fri Oct 3 14:32:04 EDT 2014 x86_64 Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz GenuineIntel GNU/Linux

      --
      Everything I write is lies, read between the lines.
    4. Re:4.x ? by Anonymous Coward · · Score: 1

      Which is insane. Distros should just follow the stable upstream kernels. The Linux ABI is solid so there's absolutely no reason to stick with an old kernel that the distro may have patched. We already know that many distros are bad at fixing security problems in their package repositories, perhaps the kernel package maintainers have a better track record. That said, it's still a completely unnecessary extra step for patches to have to be backported for every single security hole found and fixed upstream. The upstream kernel maintainers already put a huge amount of effort into making the kernel releases stable and compatible.

    5. Re:4.x ? by Anonymous Coward · · Score: 4, Insightful

      Sorry, you don't get to decide what is right for me.
      If I want upstream to decide over the end user I would allow Microsoft to push Windows 10 to my Windows 7 machine.

      Also, not every machine is connected to internet. If I use an old kernel on my CNC machine in the basement then not breaking microsecond timings is way more important than the next security fix. If the next security fix breaks anything I might just as well throw the machine in the dumpster. The risk of hacking is insignificant compared to being able to use the machine for its intended purpose.

      Functionality first, security second. If you do it the other way around and doesn't get a brick without any form of connector you are doing it wrong.

    6. Re: 4.x ? by qbast · · Score: 2

      It is not about damn ABI. It is about uncertainty if new release will break suspend support in your laptop or if your devices will get flaky or stop working altogether.

    7. Re:4.x ? by KiloByte · · Score: 3, Informative

      As of today unstable uses 4.3.5.

      Then you need to update, current unstable has 4.4.2-2.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    8. Re: 4.x ? by kthreadd · · Score: 1

      Well if more people used current kernels instead of old kernels then these problems would be caught quicker with more people testing them. And it's not like the old distro kernels never fail. I have plenty of examples where both Ubuntu and Red Hat have introduced bugs in their kernel that the upstream kernel never had.

    9. Re:4.x ? by F.Ultra · · Score: 1

      Well most exploits are local anyway so unless he have other people logging into his machine or running software with exploits (and if so then those exploits in themselves is usually enough to gain root anyway) he has really nothing to fear here. Yes there have probably been remote exploits detected in the kernels that he runs, but they are then connected to certain remove file systems or communications protocols that he probably doesn't use either.

      If some one gains access to your system it's 99% likely to be due to exploits in userspace and not the kernel.

    10. Re:4.x ? by ls671 · · Score: 1

      Nope all patched

      --
      Everything I write is lies, read between the lines.
    11. Re:4.x ? by ls671 · · Score: 1

      Exactly, same here it is called: backports

      --
      Everything I write is lies, read between the lines.
    12. Re:4.x ? by HexaByte · · Score: 1

      2.6.15 on my Fedora Core 5 Samba server that just won't break! 10 years now, and even then it was created from a used Dell WinDoze machine. The new server that was to replace it in 2013 (3.9) has already lost a hard drive.

      --
      HexaByte - he's a square and a half!
  2. Re:I don't get this by Aighearach · · Score: 4, Insightful

    In the old days anybody who ran linux knew that updates were the source of new bugs. They also damage uptime.

    Seriously now, who here is stupid enough to run an update only because it is new, or because they're asked to update frequently?

  3. Re:I don't get this by EzInKy · · Score: 2

    That is just plain silly. The longer the code is out there, the more likely that holes will be found. This applies to both closed and open source software.

    --
    Time is what keeps everything from happening all at once.
  4. Interested in DD-WRT by jddj · · Score: 1

    The much-vaunted router firmware is at kernel 3.Something. Can it truly be said to be a Linux variant? If so, how can it be so far behind?

    1. Re:Interested in DD-WRT by Gaygirlie · · Score: 2

      As far as I know, DD-WRT is run by some small, slow company called NewMedia-NET GmbH -- it's not really a community-project like e.g. OpenWRT is, and they don't really have much of an incentive to keep things properly updated. A vendor here and a vendor there pays them a few bucks to get DD-WRT running on their hardware, but after that it's mostly just abandoned. OpenWRT is already in the progress of moving to 4.x - series kernels, but I don't know how far away the next release is, and those guys seemingly try their best to keep all supported hardware up-to-date.

    2. Re:Interested in DD-WRT by Gaygirlie · · Score: 2

      OpenWRT's hardline attitude towards binary blob drivers has left it without official support of modern wifi on any router.

      Oh, really? How come e.g. my 802.11AC NBG6716 is working fine? Oh, right, because there are actually quite a few modern WiFi-routers out there that don't need binary blob drivers to work!

    3. Re:Interested in DD-WRT by Smask · · Score: 1

      root@DD-WRT:~# uname -a
      Linux DD-WRT 4.4.0 #180 SMP Mon Jan 25 06:34:34 CET 2016 armv7l DD-WRT

      The firmware on this router is a couple of weeks old.

    4. Re:Interested in DD-WRT by Anonymous Coward · · Score: 2, Insightful

      The FCC is busy putting an end to that.

    5. Re:Interested in DD-WRT by Smask · · Score: 1

      The firmware on this router is a couple of weeks old.

      Not any longer. Linux DD-WRT 4.4.2 #339 SMP Fri Feb 19 06:25:39 CET 2016 armv7l DD-WRT as of now.

    6. Re:Interested in DD-WRT by jddj · · Score: 1

      Interesting, and useful information, thanks.

      From 12/24/2015, my firmware flash gives:

      Linux XXXXXXXXXXRouter 3.10.94 #10909 Thu Dec 24 11:05:12 CET 2015 mips DD-WRT

      Is it the mips/Broadcom architecture that's holding it back? Where do I find a 4.N? I only ever see 2.6 and 3 being offered.

  5. Re:I don't get this by Gaygirlie · · Score: 1

    I'm still running 3.4! Though, that's only because the drivers for the device aren't available on a newer kernel, not because I want to be running such an old kernel :/

  6. Re:I don't get this by the_humeister · · Score: 1

    My laptop's trackpad doesn't work with 4.4.x. Can't find the reason why. It does work with 4.1.x and 4.3.x. So I guess I'm going back to the 4.1.x line.

  7. Re:Why? This is as bad as Firefox by ChunderDownunder · · Score: 1

    Integrators, not long term end-users.

    Features added in 4.3 that people want to test their product against. If 4.4.is too bleeding edge then they can use 4.3 as a baseline until 4.5 is out and 4.4. becomes the new previous stable release.

    i.e. All the cool stuff is happening in 4.5 right now but 4.4 might still contain regressions or unstable behaviour so maintainers keep the 4.3 branch alive for a little while.

  8. Re:I don't get this by ls671 · · Score: 2

    Have you ever heard about backports??? It has the advantage of patching the hole without risks to introduce new holes usually.

    --
    Everything I write is lies, read between the lines.
  9. Re:I don't get this by Aighearach · · Score: 4, Insightful

    If you approach information that says a different thing than you expected, the first response should probably be to ask what you don't know, not just wave your hands and presume it is "silly." Worse, you should avoid embarrassing yourself with the claim that it is "plain" silly, because actually it is a mainstream argument that is a standard, traditional corollary to the point you did hear about that mention.

    Yes, over time bugs are better known. That means they've already been mitigated. The new bugs that you don't know about, haven't been mitigated. In old-school *nix, it was normal to have ancient bugs in software specifically because it was very important to the security of the system and the known holes all had mitigation strategies.

    It is still applicable. The reason a lot of youngsters these days are confused by the whole situation is that general purpose workstations that are frequently updated because they have applications that get updated, well those systems aren't locked down in the way a server is; those systems have poor security practices generally, because of the tradeoff between security and convenience. A person who doesn't care about the app updates can use the old system, and will likely be more secure even with the old bugs, if they're mitigating the ones that need mitigation.

    If you ever meet a BOFH who manages secure routers, you should bring this up and ask them about it. You'll find out that the theory is well established, very strict, and has a great track record.

    This is why many banks still have important code written in cobol running on `70s minicomputers. It isn't because they can't afford the upgrades, or don't like upgrading equipment; it is because the code is too important to introduce uncertainties, including the ones that fix bugs. Now, maybe you think that mainstream engineering practices that banks use is just silly stuff, not suited for serious professionals, but I would have to insist on differing.

  10. Re:I don't get this by Anonymous Coward · · Score: 1

    $ uname -r
    4.3.5-300.fc23.x86_64

    Fedora users apparently. Kernel 4.4 is in the process of being rolled out to F22 and F23 though.Unlike some other distros Fedora does not have a policy of

    backporting kernel patches, they just upgrade once the new kernel release has reached about .2 or so.

  11. Re:I don't get this by armanox · · Score: 1

    Up until a couple of years (2011 I think?) ago SGI was still releasing security updates for IRIX 6.5. Are you still running old software on there, using nekoware, or compiling software yourself on it?

    --
    I'm starting to think GNU is the problem with "GNU/Linux" these days.
  12. Re:Why? This is as bad as Firefox by armanox · · Score: 1

    Someone isn't paying attention at all. First, this is pure Linux. You don't get to say GNU/Linux when the talk is about the kernel itself. Second, there are short term support kernels and long term support kernels. The STS kernels are for the users that don't care about support (aka your average basement dweller). The LTS kernels get supported for years to come, and are what the enterprises are going to be using.

    --
    I'm starting to think GNU is the problem with "GNU/Linux" these days.
  13. Would you by aglider · · Score: 1

    Please tell it to Ubuntu? LTS are still on 3.x !

    --
    Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
    1. Re:Would you by kthreadd · · Score: 2

      Ubuntu backports the kernels for the next four releases after each LTS. If you're on trusty you can simply install kernel 4.2 by installing the linux-generic-lts-wily package.
      http://packages.ubuntu.com/tru...

      Once 16.04 has been released the 16.04 kernel will be backported to 14.04, then the cycle repeats and we start getting backported kernels to 16.04 every six months.

  14. Re:Lin-SUX needs a YODA DOLL UP ITS NIGGER ASS! by Zontar+The+Mindless · · Score: 1, Funny

    Up next, Old Ike explains to us out behind the barn how Netcraft AND Natalie Portman confirmed the death of renowned It Takes a Beowoulf Cluster author Theo deRaadt, here on "Trollin' Out the Oldies", right after these important messages!

    Don't touch that dial!

    --
    Il n'y a pas de Planet B.
  15. Re:Lin-SUX needs a YODA DOLL UP ITS NIGGER ASS! by KGIII · · Score: 1

    I'm glad I'm not the only one who has read them - all. Yup... I think I've read 'em all - every last one. Some of 'em are damned clever. They put some serious effort into them. Annoyingly enough, they almost always get a bite. There's always someone who wants to shut them up. There's always someone to express their outrage. It's a ritual and I dare say it's an essential part of what makes Slashdot. We can say any retarded thing we want - and be judged accordingly. That might not seem important but I say it's an essential quality.

    --
    "So long and thanks for all the fish."
  16. Re:I don't get this by KGIII · · Score: 1

    Nah, it should be rewritten in Rust, hosted on the cloud, and in a container. If it fails, you automate recovery by spinning up a new instance. Hell, it doesn't even run on iron, never mind big iron! You don't need an admin, when it burns down you spin up a new one.

    *snickers*

    (That sort of a reply would not surprise me.)

    --
    "So long and thanks for all the fish."
  17. Re:I run linux and i didnt know that by KGIII · · Score: 1

    Complex question and best answered that if you have to ask, you're doing enough.

    But, a more accurate question is how much do you trust the people who maintain your distro and how much effort are you willing to undertake. You can compile your own kernel. You can not. You can use a bleeding edge kernel. You can compile an older version that supports something that is now depreciated. You can patch. You can do anything you want. It's up to you and all about how much effort you want to put into it and what benefits you expect to get. You're quite probably fine (kernel related) just sticking with your regular updates via aptitude and the default repositories.

    --
    "So long and thanks for all the fish."
  18. Re:FOUR MONTHS? by kthreadd · · Score: 2

    Some distro might have used it, in that case that distro will have the choice of either maintaining their own branch themselves or move to a new release. Most kernel releases are only supported for a couple of months. About one or two releases per year is supported for longer than that, usually between two and five years.

  19. Re:I don't get this by F.Ultra · · Score: 1

    And it would webscale!

  20. Re:FOUR MONTHS? by F.Ultra · · Score: 2

    Because it's just one release in the v4 series, 4.1 has long term support, 4.2.8 was EOLd just before 4.4.0 was released and not when 4.5.0 is about to be released then 4.3.6 is EOLd. How many versions do you suppose that the kernel guys should support? At the moment they support 12 different kernels which they now cut down to 11.

    And you as the end user is not the supposed user of these kernels anyways, they are meant for the different distribution maintainers who in turn will either switch kernels for you automatically or backport changes if they themselves support other kernels for long term (like Red Hat and Ubuntu does). This is not like Microsoft forcing you to upgrade to WIndows 10 by EOL:ing windows 7, it's more like when they EOLd Windows 7 Service Pack 1 when Windows 7 Service Pack 3 where releases (or what ever they call these things now a days, I haven't really used WIndows since Windows 2000 so this details might have changed since then but I guess that you get the analogy anyways).

  21. Re:I don't get this by turbidostato · · Score: 1

    "This is why many banks still have important code written in cobol running on `70s minicomputers. It isn't because they can't afford the upgrades, or don't like upgrading equipment"

    Sorry, but it is exactly because they can't afford the upgrades and don't like upgrading equipment... coupled with not-so-brilliant software development practices of yore plus not-so-brillaint software development practives of today, which is what makes the upgrade just so expensive not even banks can afford it.

  22. Re:Why? This is as bad as Firefox by turbidostato · · Score: 1

    "Why would you ever release the 4.3 branch of GNU/Linux if you have no intention of supporting it for more than a couple of months?"

    For people that need to stay on top of current Linux kernel development to test, fix and develop against so the next LTS stable branch is as stable as it can be.

    "The GNU/Linux kernel is going the way of Firefox and this is bad for users [...]" ...blah, blah, blah... Anonymous Coward's unfocused, idiotic trolling follows.

  23. Re:I don't get this by TheGratefulNet · · Score: 1

    my lenovo new laptop also had a touchpad that would not work. it was a kernel bug of all things (ps2 driver and such). I had to disable to 'advanced' features and go back to old style ps2 emulation to make my 3 button touchpad work.

    lenovo was to blame, though. they changed, radically, how their alps/etc pads work and for a short while they had a nasty style pad with no real buttons and they had to implement it differently; this caused bugs in linux.

    then again, even win7 has issues with this trackpad, so it really was lenovo's fault.

    --

    --
    "It is now safe to switch off your computer."
  24. Re:I don't get this by Aighearach · · Score: 1

    Right, if you just presume that the banks can't afford computers, or don't have large budgets for that, or don't upgrade equipment... wow, you also haven't worked in the field, and don't know about the subject. And yet, you opened your keyboard anyways.

    Yeah, just wave your hands and talk smack, that will cause you to magically be better at security programming than engineers at teh bank! Yeah, that's the ticket. Derpy-derp!

  25. Re:I run linux and i didnt know that by KGIII · · Score: 1

    You can fit Lubuntu in a small area and it's very light - it runs LXDE. It's actually my preferred distro on old or new hardware. I've dug out a ten year old PC and installed it on that. It was stable enough that I left it running when I went on wanderlust. I'm connected to that one now as it's technically a backup and I wanted to make sure it was running. I'm using VNC to send this through that. I left in September.

    --
    "So long and thanks for all the fish."
  26. Re:I don't get this by turbidostato · · Score: 1

    "Right, if you just presume that the banks can't afford computers,"

    Computers is not what refrain banks from migrating out from mainframe/cobol.

    "or don't have large budgets for that"

    They *do* have large budgets, only not large enough (what do you think me saying "not even banks can afford it" really meant?)

    "or don't upgrade equipment"

    Of course yes. I bet they have the last mainframe model IBM or Fujitsu throw at them. What they don't upgrade is their Cobol.

    "and don't know about the subject."

    Or maybe I know better than you and that's why you don't grasp what I'm saying.

    "And yet, you opened your keyboard anyways."

    Premonitory words, ain't them?

  27. Re:I don't get this by Aighearach · · Score: 1

    They *do* have large budgets, only not large enough (what do you think me saying "not even banks can afford it" really meant?)

    I can't think of anything more absurd than the idea that banks don't have the money. It doesn't pass even the laugh test.

    And no, I didn't say you must have meant something else; I said it is absurd, and you are wrong. Sorry if I was unclear about that.

  28. Re: FOUR MONTHS? by F.Ultra · · Score: 1

    So in other words you have no clue what so ever how kernel.org works and what the people there do vs what is handled by the distributions?

  29. What's the hype? by sentiblue · · Score: 1

    So correct me if I'm wrong... Linux 2.x has been around for so many years we forgot that it will ever get an update.

    And then suddenly in the past 2-3 years, it continuously got updated on a very frequent schedule.... and it even got the founder asking people to do update.

    Just wondering if something/someone other than Linus himself is motivating this.