Re: [ANNOUNCE] linux-stable security tree
From: Sasha Levin
Date: Mon Apr 11 2016 - 15:02:10 EST
On 04/11/2016 02:17 PM, Jeff Merkey wrote:
> On 4/11/16, Sasha Levin <sasha.levin@xxxxxxxxxx> wrote:
>> Hi all,
>>
>>
>> I'd like to announce the linux-stable security tree project. The purpose
>> is to create a derivative tree from the regular stable tree that would
>> contain only commits that fix security vulnerabilities.
>>
>> Quite a few users of the stable trees pointed out that on complex
>> deployments,
>> where validation is non-trivial, there is little incentive to follow the
>> stable tree after the product has been deployed to production. There is no
>> interest in "random" kernel fixes and the only requirements are to keep up
>> with security vulnerabilities.
>>
>> Given this, a few projects preferred to delay important kernel updates, and
>> a few even stopped updating the tree altogether, exposing them to critical
>> vulnerabilities.
>>
>> This project provides an easy way to receive only important security
>> commits,
>> which are usually only a few in each release, and makes it easy to
>> incorporate
>> them into existing projects.
>>
>> The tree is available at:
>>
>> https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/
>>
>> Support is provided for all active -stable trees
>> (https://www.kernel.org/category/releases.html).
>> Branches/tags for unsupported versions of >=3.0 kernels were also generated
>> for reference.
>>
>>
>> Thanks,
>> Sasha
>>
>>
>>
>
> Hi Sasha,
>
> Can you push a copy of this tree to github like Linus has done with
> torvalds/linux so folks who want to develop on it can fork it from
> there.
Sure! Now pushed to https://github.com/sashalevin/linux-stable-security
Thanks,
Sasha