Slashdot Mirror
Linux 4.3 Reached End of Life; Users Need To Move To Linux 4.4
prisoninmate writes: As some of you may know, Linux 4.3 was not an LTS (Long Term Support) release, so the last maintenance build is now Linux kernel 4.3.6, as announced earlier by Greg Kroah-Hartman, a renowned kernel developer and maintainer. While he's telling users of the Linux 4.3 series to update to the 4.3.6 point release, he also urges them, especially OS vendors, to move to the most advanced stable series, in this case, Linux kernel 4.4 LTS, which just received its second point release the other day. However, it appears that Linux kernel 4.3.6 is quite an update, as it changes a total of 197 files, with 2310 insertions and 963 deletions, bringing some much-needed improvements.
Forget 4.3.x vs 4.4.x - I'm still on 2.6.x you insensitive penguins!
In the old days anybody who ran linux knew that updates were the source of new bugs. They also damage uptime.
Seriously now, who here is stupid enough to run an update only because it is new, or because they're asked to update frequently?
That is just plain silly. The longer the code is out there, the more likely that holes will be found. This applies to both closed and open source software.
Time is what keeps everything from happening all at once.
As far as I know, DD-WRT is run by some small, slow company called NewMedia-NET GmbH -- it's not really a community-project like e.g. OpenWRT is, and they don't really have much of an incentive to keep things properly updated. A vendor here and a vendor there pays them a few bucks to get DD-WRT running on their hardware, but after that it's mostly just abandoned. OpenWRT is already in the progress of moving to 4.x - series kernels, but I don't know how far away the next release is, and those guys seemingly try their best to keep all supported hardware up-to-date.
Have you ever heard about backports??? It has the advantage of patching the hole without risks to introduce new holes usually.
Everything I write is lies, read between the lines.
If you approach information that says a different thing than you expected, the first response should probably be to ask what you don't know, not just wave your hands and presume it is "silly." Worse, you should avoid embarrassing yourself with the claim that it is "plain" silly, because actually it is a mainstream argument that is a standard, traditional corollary to the point you did hear about that mention.
Yes, over time bugs are better known. That means they've already been mitigated. The new bugs that you don't know about, haven't been mitigated. In old-school *nix, it was normal to have ancient bugs in software specifically because it was very important to the security of the system and the known holes all had mitigation strategies.
It is still applicable. The reason a lot of youngsters these days are confused by the whole situation is that general purpose workstations that are frequently updated because they have applications that get updated, well those systems aren't locked down in the way a server is; those systems have poor security practices generally, because of the tradeoff between security and convenience. A person who doesn't care about the app updates can use the old system, and will likely be more secure even with the old bugs, if they're mitigating the ones that need mitigation.
If you ever meet a BOFH who manages secure routers, you should bring this up and ask them about it. You'll find out that the theory is well established, very strict, and has a great track record.
This is why many banks still have important code written in cobol running on `70s minicomputers. It isn't because they can't afford the upgrades, or don't like upgrading equipment; it is because the code is too important to introduce uncertainties, including the ones that fix bugs. Now, maybe you think that mainstream engineering practices that banks use is just silly stuff, not suited for serious professionals, but I would have to insist on differing.
OpenWRT's hardline attitude towards binary blob drivers has left it without official support of modern wifi on any router.
Oh, really? How come e.g. my 802.11AC NBG6716 is working fine? Oh, right, because there are actually quite a few modern WiFi-routers out there that don't need binary blob drivers to work!
Ubuntu backports the kernels for the next four releases after each LTS. If you're on trusty you can simply install kernel 4.2 by installing the linux-generic-lts-wily package.
http://packages.ubuntu.com/tru...
Once 16.04 has been released the 16.04 kernel will be backported to 14.04, then the cycle repeats and we start getting backported kernels to 16.04 every six months.
The FCC is busy putting an end to that.
Some distro might have used it, in that case that distro will have the choice of either maintaining their own branch themselves or move to a new release. Most kernel releases are only supported for a couple of months. About one or two releases per year is supported for longer than that, usually between two and five years.
Because it's just one release in the v4 series, 4.1 has long term support, 4.2.8 was EOLd just before 4.4.0 was released and not when 4.5.0 is about to be released then 4.3.6 is EOLd. How many versions do you suppose that the kernel guys should support? At the moment they support 12 different kernels which they now cut down to 11.
And you as the end user is not the supposed user of these kernels anyways, they are meant for the different distribution maintainers who in turn will either switch kernels for you automatically or backport changes if they themselves support other kernels for long term (like Red Hat and Ubuntu does). This is not like Microsoft forcing you to upgrade to WIndows 10 by EOL:ing windows 7, it's more like when they EOLd Windows 7 Service Pack 1 when Windows 7 Service Pack 3 where releases (or what ever they call these things now a days, I haven't really used WIndows since Windows 2000 so this details might have changed since then but I guess that you get the analogy anyways).