Re: thoughts on kernel security issues

From: Barry K. Nathan
Date: Thu Jan 13 2005 - 00:39:12 EST

Next message: Miklos Szeredi: "Re: [PATCH 3/11] FUSE - device functions"
Previous message: Miklos Szeredi: "Re: [PATCH 2/11] FUSE - core"
In reply to: Marek Habersack: "Re: thoughts on kernel security issues"
Next in thread: Florian Weimer: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 13, 2005 at 04:53:31AM +0100, Marek Habersack wrote:
> archived mail message or a webpage with the patch. Hoping he'll find the
> fixes in the vendor kernels, he goes to download source packages from SuSe,
> RedHat or Trustix, Debian, Ubuntu, whatever and discovers that it is as easy
> to find the patch there as it is to fish it out of the vanilla kernel patch
> for the new version. Frustrating, isn't it? Not to mention that he might

http://linux.bkbits.net is your friend.

Each patch (including security fixes) in the mainline kernels (2.4 and
2.6) appears there as an individual, clickable link with a description
(e.g. "1.1551 Paul Starzetz: sys_uselib() race vulnerability
(CAN-2004-1235)").

If other patches have gone in since then, you may have to scroll through
a (short-form) changelog. However, it's still less frustrating than the
scenario you portray.

-Barry K. Nathan <barryn@xxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Miklos Szeredi: "Re: [PATCH 3/11] FUSE - device functions"
Previous message: Miklos Szeredi: "Re: [PATCH 2/11] FUSE - core"
In reply to: Marek Habersack: "Re: thoughts on kernel security issues"
Next in thread: Florian Weimer: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]