Linux 4.3 Reached End of Life; Users Need To Move To Linux 4.4

prisoninmate writes: As some of you may know, Linux 4.3 was not an LTS (Long Term Support) release, so the last maintenance build is now Linux kernel 4.3.6, as announced earlier by Greg Kroah-Hartman, a renowned kernel developer and maintainer. While he's telling users of the Linux 4.3 series to update to the 4.3.6 point release, he also urges them, especially OS vendors, to move to the most advanced stable series, in this case, Linux kernel 4.4 LTS, which just received its second point release the other day. However, it appears that Linux kernel 4.3.6 is quite an update, as it changes a total of 197 files, with 2310 insertions and 963 deletions, bringing some much-needed improvements.

Re:

[Zontar The Mindless]

Up next, Old Ike explains to us out behind the barn how Netcraft AND Natalie Portman confirmed the death of renowned It Takes a Beowoulf Cluster author Theo deRaadt, here on "Trollin' Out the Oldies", right after these important messages!

Don't touch that dial!

Re:

[KGIII]

I'm glad I'm not the only one who has read them - all. Yup... I think I've read 'em all - every last one. Some of 'em are damned clever. They put some serious effort into them. Annoyingly enough, they almost always get a bite. There's always someone who wants to shut them up. There's always someone to express their outrage. It's a ritual and I dare say it's an essential part of what makes Slashdot. We can say any retarded thing we want - and be judged accordingly. That might not seem important but I say it'

4.x ?

[Anonymous Coward]

Forget 4.3.x vs 4.4.x - I'm still on 2.6.x you insensitive penguins!

Re:4.x ?

[Anonymous Coward]

You must be running Debian unstable?

Re:

[NotInHere]

+1 funny

Re:4.x ?

[KiloByte]

As of today unstable uses 4.3.5.

Then you need to update, current unstable has 4.4.2-2.

Re:

[ls671]

Hey man, don't make fun of me! I am still on 2.6 on most machines, 3.2 on more recent machines...

$ uname -a
Linux XXX 2.6.30.5 #4 SMP PREEMPT Sun Dec 29 21:46:53 EST 2013 i686 unknown unknown GNU/Linux

$ uname -a
Linux XXX 3.2.45 #1 SMP Fri Oct 3 14:32:04 EDT 2014 x86_64 Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz GenuineIntel GNU/Linux

Re:

[Anonymous Coward]

Which is insane. Distros should just follow the stable upstream kernels. The Linux ABI is solid so there's absolutely no reason to stick with an old kernel that the distro may have patched. We already know that many distros are bad at fixing security problems [statuscode.ch] in their package repositories, perhaps the kernel package maintainers have a better track record. That said, it's still a completely unnecessary extra step for patches to have to be backported for every single security hole found and fixed upstream. Th

Re:4.x ?

[Anonymous Coward]

Sorry, you don't get to decide what is right for me.
If I want upstream to decide over the end user I would allow Microsoft to push Windows 10 to my Windows 7 machine.

Also, not every machine is connected to internet. If I use an old kernel on my CNC machine in the basement then not breaking microsecond timings is way more important than the next security fix. If the next security fix breaks anything I might just as well throw the machine in the dumpster. The risk of hacking is insignificant compared to being able to use the machine for its intended purpose.

Functionality first, security second. If you do it the other way around and doesn't get a brick without any form of connector you are doing it wrong.

Re: 4.x ?

[qbast]

It is not about damn ABI. It is about uncertainty if new release will break suspend support in your laptop or if your devices will get flaky or stop working altogether.

Re:

[kthreadd]

Well if more people used current kernels instead of old kernels then these problems would be caught quicker with more people testing them. And it's not like the old distro kernels never fail. I have plenty of examples where both Ubuntu and Red Hat have introduced bugs in their kernel that the upstream kernel never had.

Re:

[turbidostato]

"Which is insane."

It is.

"Distros should just follow the stable upstream kernels."

They should.

And you can bet they will as soon as the upstream provider takes the word "stable" to really mean "stable", that is "no change in behaviour". Since that's not the case, distros are forced to the insanity of having to support their own kernel lines.

"there's absolutely no reason to stick with an old kernel that the distro may have patched"

You have not been using Linux for too long, do you? It is not a rare event tha

Re:

[ls671]

Exactly, same here it is called: backports

Re:

[F.Ultra]

Well most exploits are local anyway so unless he have other people logging into his machine or running software with exploits (and if so then those exploits in themselves is usually enough to gain root anyway) he has really nothing to fear here. Yes there have probably been remote exploits detected in the kernels that he runs, but they are then connected to certain remove file systems or communications protocols that he probably doesn't use either.

If some one gains access to your system it's 99% likely to b

Re:

[ls671]

Nope all patched

Re:

[HexaByte]

2.6.15 on my Fedora Core 5 Samba server that just won't break! 10 years now, and even then it was created from a used Dell WinDoze machine. The new server that was to replace it in 2013 (3.9) has already lost a hard drive.

Re:I don't get this

[Aighearach]

In the old days anybody who ran linux knew that updates were the source of new bugs. They also damage uptime.

Seriously now, who here is stupid enough to run an update only because it is new, or because they're asked to update frequently?

Re:

[EzInKy]

That is just plain silly. The longer the code is out there, the more likely that holes will be found. This applies to both closed and open source software.

Re:

[ls671]

Have you ever heard about backports??? It has the advantage of patching the hole without risks to introduce new holes usually.

Re:I don't get this

[Aighearach]

If you approach information that says a different thing than you expected, the first response should probably be to ask what you don't know, not just wave your hands and presume it is "silly." Worse, you should avoid embarrassing yourself with the claim that it is "plain" silly, because actually it is a mainstream argument that is a standard, traditional corollary to the point you did hear about that mention.

Yes, over time bugs are better known. That means they've already been mitigated. The new bugs that you don't know about, haven't been mitigated. In old-school *nix, it was normal to have ancient bugs in software specifically because it was very important to the security of the system and the known holes all had mitigation strategies.

It is still applicable. The reason a lot of youngsters these days are confused by the whole situation is that general purpose workstations that are frequently updated because they have applications that get updated, well those systems aren't locked down in the way a server is; those systems have poor security practices generally, because of the tradeoff between security and convenience. A person who doesn't care about the app updates can use the old system, and will likely be more secure even with the old bugs, if they're mitigating the ones that need mitigation.

If you ever meet a BOFH who manages secure routers, you should bring this up and ask them about it. You'll find out that the theory is well established, very strict, and has a great track record.

This is why many banks still have important code written in cobol running on `70s minicomputers. It isn't because they can't afford the upgrades, or don't like upgrading equipment; it is because the code is too important to introduce uncertainties, including the ones that fix bugs. Now, maybe you think that mainstream engineering practices that banks use is just silly stuff, not suited for serious professionals, but I would have to insist on differing.

Re:

[KGIII]

Nah, it should be rewritten in Rust, hosted on the cloud, and in a container. If it fails, you automate recovery by spinning up a new instance. Hell, it doesn't even run on iron, never mind big iron! You don't need an admin, when it burns down you spin up a new one.

*snickers*

(That sort of a reply would not surprise me.)

Re:

[F.Ultra]

And it would webscale!

Re:

[turbidostato]

"This is why many banks still have important code written in cobol running on `70s minicomputers. It isn't because they can't afford the upgrades, or don't like upgrading equipment"

Sorry, but it is exactly because they can't afford the upgrades and don't like upgrading equipment... coupled with not-so-brilliant software development practices of yore plus not-so-brillaint software development practives of today, which is what makes the upgrade just so expensive not even banks can afford it.

Re:

[Aighearach]

Right, if you just presume that the banks can't afford computers, or don't have large budgets for that, or don't upgrade equipment... wow, you also haven't worked in the field, and don't know about the subject. And yet, you opened your keyboard anyways.

Yeah, just wave your hands and talk smack, that will cause you to magically be better at security programming than engineers at teh bank! Yeah, that's the ticket. Derpy-derp!

Re:

[turbidostato]

"Right, if you just presume that the banks can't afford computers,"

Computers is not what refrain banks from migrating out from mainframe/cobol.

"or don't have large budgets for that"

They *do* have large budgets, only not large enough (what do you think me saying "not even banks can afford it" really meant?)

"or don't upgrade equipment"

Of course yes. I bet they have the last mainframe model IBM or Fujitsu throw at them. What they don't upgrade is their Cobol.

"and don't know about the subject."

Or maybe I know

Re:

[Aighearach]

They *do* have large budgets, only not large enough (what do you think me saying "not even banks can afford it" really meant?)

I can't think of anything more absurd than the idea that banks don't have the money. It doesn't pass even the laugh test.

And no, I didn't say you must have meant something else; I said it is absurd, and you are wrong. Sorry if I was unclear about that.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[the_humeister]

My laptop's trackpad doesn't work with 4.4.x. Can't find the reason why. It does work with 4.1.x and 4.3.x. So I guess I'm going back to the 4.1.x line.

Re:

[TheGratefulNet]

my lenovo new laptop also had a touchpad that would not work. it was a kernel bug of all things (ps2 driver and such). I had to disable to 'advanced' features and go back to old style ps2 emulation to make my 3 button touchpad work.

lenovo was to blame, though. they changed, radically, how their alps/etc pads work and for a short while they had a nasty style pad with no real buttons and they had to implement it differently; this caused bugs in linux.

then again, even win7 has issues with this trackpad, so

Re:

[Anonymous Coward]

$ uname -r
4.3.5-300.fc23.x86_64

Fedora users apparently. Kernel 4.4 is in the process of being rolled out to F22 and F23 though.Unlike some other distros Fedora does not have a policy of

backporting kernel patches, they just upgrade once the new kernel release has reached about .2 or so.

Re:

[armanox]

Up until a couple of years (2011 I think?) ago SGI was still releasing security updates for IRIX 6.5. Are you still running old software on there, using nekoware, or compiling software yourself on it?

Re:

[KGIII]

Complex question and best answered that if you have to ask, you're doing enough.

But, a more accurate question is how much do you trust the people who maintain your distro and how much effort are you willing to undertake. You can compile your own kernel. You can not. You can use a bleeding edge kernel. You can compile an older version that supports something that is now depreciated. You can patch. You can do anything you want. It's up to you and all about how much effort you want to put into it and what bene

Re:

[KGIII]

You can fit Lubuntu in a small area and it's very light - it runs LXDE. It's actually my preferred distro on old or new hardware. I've dug out a ten year old PC and installed it on that. It was stable enough that I left it running when I went on wanderlust. I'm connected to that one now as it's technically a backup and I wanted to make sure it was running. I'm using VNC to send this through that. I left in September.

Re:

[ChunderDownunder]

Integrators, not long term end-users.

Features added in 4.3 that people want to test their product against. If 4.4.is too bleeding edge then they can use 4.3 as a baseline until 4.5 is out and 4.4. becomes the new previous stable release.

i.e. All the cool stuff is happening in 4.5 right now but 4.4 might still contain regressions or unstable behaviour so maintainers keep the 4.3 branch alive for a little while.

Re:

[armanox]

Someone isn't paying attention at all. First, this is pure Linux. You don't get to say GNU/Linux when the talk is about the kernel itself. Second, there are short term support kernels and long term support kernels. The STS kernels are for the users that don't care about support (aka your average basement dweller). The LTS kernels get supported for years to come, and are what the enterprises are going to be using.

Re:

[turbidostato]

"Why would you ever release the 4.3 branch of GNU/Linux if you have no intention of supporting it for more than a couple of months?"

For people that need to stay on top of current Linux kernel development to test, fix and develop against so the next LTS stable branch is as stable as it can be.

"The GNU/Linux kernel is going the way of Firefox and this is bad for users [...]" ...blah, blah, blah... Anonymous Coward's unfocused, idiotic trolling follows.

Interested in DD-WRT

[jddj]

The much-vaunted router firmware is at kernel 3.Something. Can it truly be said to be a Linux variant? If so, how can it be so far behind?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Anonymous Coward]

The FCC is busy putting an end to that.

Re:

[Smask]

root@DD-WRT:~# uname -a
Linux DD-WRT 4.4.0 #180 SMP Mon Jan 25 06:34:34 CET 2016 armv7l DD-WRT

The firmware on this router is a couple of weeks old.

Re:

[Smask]

The firmware on this router is a couple of weeks old.

Not any longer. Linux DD-WRT 4.4.2 #339 SMP Fri Feb 19 06:25:39 CET 2016 armv7l DD-WRT as of now.

Re:

[jddj]

Interesting, and useful information, thanks.

From 12/24/2015, my firmware flash gives:

Linux XXXXXXXXXXRouter 3.10.94 #10909 Thu Dec 24 11:05:12 CET 2015 mips DD-WRT

Is it the mips/Broadcom architecture that's holding it back? Where do I find a 4.N? I only ever see 2.6 and 3 being offered.

Would you

[aglider]

Please tell it to Ubuntu? LTS are still on 3.x !

Re:

[kthreadd]

Ubuntu backports the kernels for the next four releases after each LTS. If you're on trusty you can simply install kernel 4.2 by installing the linux-generic-lts-wily package.
http://packages.ubuntu.com/tru... [ubuntu.com]

Once 16.04 has been released the 16.04 kernel will be backported to 14.04, then the cycle repeats and we start getting backported kernels to 16.04 every six months.

Need?

[wonkey_monkey]

Linux 4.3 Reached End of Life; Users Need To Move To Linux 4.4

Need? Surely the whole point of Linux is that no-one needs to do anything.

FOUR MONTHS?

[DogDude]

Am I reading this wrong? Is a version that came out in NOVEMBER 2015 "end of life"? If so, who in their right mind would use this junk for anything important?

Re:

[kthreadd]

Some distro might have used it, in that case that distro will have the choice of either maintaining their own branch themselves or move to a new release. Most kernel releases are only supported for a couple of months. About one or two releases per year is supported for longer than that, usually between two and five years.

Re:

[F.Ultra]

Because it's just one release in the v4 series, 4.1 has long term support, 4.2.8 was EOLd just before 4.4.0 was released and not when 4.5.0 is about to be released then 4.3.6 is EOLd. How many versions do you suppose that the kernel guys should support? At the moment they support 12 different kernels which they now cut down to 11.

And you as the end user is not the supposed user of these kernels anyways, they are meant for the different distribution maintainers who in turn will either switch kernels for you

Re:

[F.Ultra]

So in other words you have no clue what so ever how kernel.org works and what the people there do vs what is handled by the distributions?

What's the hype?

[sentiblue]

So correct me if I'm wrong... Linux 2.x has been around for so many years we forgot that it will ever get an update.

And then suddenly in the past 2-3 years, it continuously got updated on a very frequent schedule.... and it even got the founder asking people to do update.

Just wondering if something/someone other than Linus himself is motivating this.