Re: Linux Kernel Audit Project?
From: Diego Calleja
Date: Mon Jan 17 2005 - 08:14:00 EST
El Mon, 17 Jan 2005 02:40:06 -0500 John Richard Moser <nigelenki@xxxxxxxxxxx> escribió:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On the same line, I've been graphing Ubuntu Linux Security Notices for a
> while. I've noticed that in the last 5, the number of kernel-related
> vulnerabilities has doubled (3 more). This disturbs me.
Most of the latest (ie: 2004) serious kernel holes (if not all) have been
found by the isec.pl guys (http://www.isec.pl/vulnerabilities.html), specially
Paul Starzetz. While they're not a "auditing project", the effect they're
having is the same.
(By the way, secunia reports that 48% of the vulnerabilities reported for
the linux kernel are not patched http://secunia.com/product/2719/ . I guess
they can't notice when bugs are fixed but I hope there's not any open hole
left)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/