[Samba] Samba v3.0.23a BROKE my network
morgan at orst.edu
Mon Feb 5 19:02:39 GMT 2007
On Sat, 3 Feb 2007, Chris Hall wrote:
> On Mon, 29 Jan 2007 Gerald (Jerry) Carter wrote
>> Chris Hall wrote:
>>> ...but doesn't change my opinion that software should be written to
>>> avoid obscure failure caused by obvious misconfiguration -- particularly
>>> in the case of an upgrade which turns a previously working configuration
>>> into a broken one!
>> This is not a pass the buck argument, but I would push back
>> on the Fedora folks (IIRC the original context correctly).
>> No one should have pushed out a 3.0.23a from 3.0.14a via yum.
>> We have been constantly saying that upgrade releases
>> (when the minor number changes) have significant differences
>> from past releases. The letter releases are bug fix only.
> Well, OK... but is there a 3.0.14x which contains all the bug and *security*
> fixes that 3.0.23 contains?
>> So you can tell us (developers) that we should make such
>> sweeping changes and in response I would state that package
>> maintainers for a distro should not push out such sweeping
>> changes without properly notifying the distro users.
> These days one feels nervous if one is not running the latest, stable
> version, on the basis that it should be the most secure.
> Last time I ran yum it updated 171 packages. The only way that it is
> practical for me to keep up to date is to depend on the developers to ensure:
> - either, the updates are upwards compatible (if necessary, by
> updating configuration)
> - or, the new software stops gracefully and points me in the right
> direction to complete the update
> And I would expect the second case to be (very) rare, and driven by a serious
> need or (better) a significant feature advantage.
> As a developer I understand the cost of upwards compatibility. But where it
> used to be a matter of convenience when occasionally upgrading for new
> features, it is now a matter of necessity when frequently upgrading to
> maintain maximum security.
> If I were maintaining a distribution, running to many hundreds of packages, I
> doubt I would feel it was practical if each one could carry its own little
> surprise!
Or, you could use Debian Linux which backports security fixes for their
stable releases. :)