Re: thoughts on kernel security issues

From: Florian Weimer
Date: Thu Jan 13 2005 - 04:01:46 EST

Next message: Miklos Szeredi: "Re: [fuse-devel] Merging?"
Previous message: Andrew Morton: "Re: [patch] mm: Reimplementation of dynamic percpu memory allocator"
In reply to: Barry K. Nathan: "Re: thoughts on kernel security issues"
Next in thread: Barry K. Nathan: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Barry K. Nathan:

> On Thu, Jan 13, 2005 at 04:53:31AM +0100, Marek Habersack wrote:
>> archived mail message or a webpage with the patch. Hoping he'll find the
>> fixes in the vendor kernels, he goes to download source packages from SuSe,
>> RedHat or Trustix, Debian, Ubuntu, whatever and discovers that it is as easy
>> to find the patch there as it is to fish it out of the vanilla kernel patch
>> for the new version. Frustrating, isn't it? Not to mention that he might
>
> http://linux.bkbits.net is your friend.
>
> Each patch (including security fixes) in the mainline kernels (2.4 and
> 2.6) appears there as an individual, clickable link with a description
> (e.g. "1.1551 Paul Starzetz: sys_uselib() race vulnerability
> (CAN-2004-1235)").

This is the exception. Usually, changelogs are cryptic, often
deliberately so. Do you still remember Alan's DMCA protest
changelogs?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Miklos Szeredi: "Re: [fuse-devel] Merging?"
Previous message: Andrew Morton: "Re: [patch] mm: Reimplementation of dynamic percpu memory allocator"
In reply to: Barry K. Nathan: "Re: thoughts on kernel security issues"
Next in thread: Barry K. Nathan: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]