ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Meltdown Shows Why to Avoid LTS Releases

    IT Discussion
    linux meltdown zdnet security patching centos fedora ubuntu long term support
    2
    5
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller
      last edited by

      ZDNet reports that Meltdown patches on the Linux kernel can have impact of up to 800%, unless you are not running an out of date or LTS system, then the impact isn't very big. Modern systems, like Fedora and Ubuntu Current, use the 4.14 or later kernel which have addressed the Meltdown issue in other ways making them much more performant.

      This patch really helps to expose the degree of underlying problems that come from running old systems - sometimes just patching for bugs isn't enough. Sometimes you need technology to not be stagnant and you need to move forward. Fedora and Ubuntu Current and Tumbleweed all address Meltdown by actually addressing and fixing the problem to the best of their ability by adapting; CentOS and Ubuntu LTS and openSuse Leap all deal with it by "band-aiding" an old kernel with a security hack but without fundamentally fixing the underlying code - because they can't, their commitment to long term support means that they cannot make those kinds of necessary changes.

      Using "security fixes only" as an upgrade process leaves LTS releases exposed to more fundamental problems than rapid and rolling releases face. They are less flexible and unable to adapt to major problems. This is an example of how LTS releases will actually face a significant potential of degradation over time, in this case dramatically losing performance, because they lack the necessary ability to adapt to new hardware, threats, or information.

      1 Reply Last reply Reply Quote 2
      • black3dynamiteB
        black3dynamite
        last edited by

        I've noticed Fedora is now using 4.15.3 now.

        Wouldn't Debian falls in with the same issues unless we are using unstable or testing?

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @black3dynamite
          last edited by

          @black3dynamite said in Meltdown Shows Why to Avoid LTS Releases:

          I've noticed Fedora is now using 4.15.3 now.

          Wouldn't Debian falls in with the same issues unless we are using unstable or testing?

          Yes, I believe so.

          1 Reply Last reply Reply Quote 0
          • black3dynamiteB
            black3dynamite
            last edited by

            What makes Red Hat and SUSE exempt compare to CentOS and OpenSUSE leap? Because we are paying for the support?

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @black3dynamite
              last edited by

              @black3dynamite said in Meltdown Shows Why to Avoid LTS Releases:

              What makes Red Hat and SUSE exempt compare to CentOS and OpenSUSE leap? Because we are paying for the support?

              Nothing makes them exempt, they ARE CentOS and Leap, just paid for instead of free. They suffer just the same.

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              • First post
                Last post