Re: [ANNOUNCE] linux-stable security tree

From: Jeff Merkey
Date: Mon Apr 11 2016 - 14:17:13 EST


On 4/11/16, Sasha Levin <sasha.levin@xxxxxxxxxx> wrote:
> Hi all,
>
>
> I'd like to announce the linux-stable security tree project. The purpose
> is to create a derivative tree from the regular stable tree that would
> contain only commits that fix security vulnerabilities.
>
> Quite a few users of the stable trees pointed out that on complex
> deployments,
> where validation is non-trivial, there is little incentive to follow the
> stable tree after the product has been deployed to production. There is no
> interest in "random" kernel fixes and the only requirements are to keep up
> with security vulnerabilities.
>
> Given this, a few projects preferred to delay important kernel updates, and
> a few even stopped updating the tree altogether, exposing them to critical
> vulnerabilities.
>
> This project provides an easy way to receive only important security
> commits,
> which are usually only a few in each release, and makes it easy to
> incorporate
> them into existing projects.
>
> The tree is available at:
>
> https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/
>
> Support is provided for all active -stable trees
> (https://www.kernel.org/category/releases.html).
> Branches/tags for unsupported versions of >=3.0 kernels were also generated
> for reference.
>
>
> Thanks,
> Sasha
>
>
>

Hi Sasha,

Can you push a copy of this tree to github like Linus has done with
torvalds/linux so folks who want to develop on it can fork it from
there.

Jeff