Re: stable-security kernel updates

From: Willy Tarreau
Date: Tue Apr 26 2016 - 00:41:11 EST

Next message: Jassi Brar: "Re: [PATCH 0/4] OMAP Mailbox legacy platform device support removal"
Previous message: Vinay Simha: "Re: [PATCH 2/2] drm/dsi: Implement DCS get display self diagnostic"
In reply to: Ben Hutchings: "Re: stable-security kernel updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 26, 2016 at 01:14:13AM +0200, Ben Hutchings wrote:
> On Thu, 2016-04-21 at 16:33 +0200, Willy Tarreau wrote:
> > On Thu, Apr 21, 2016 at 10:27:46AM -0400, Sasha Levin wrote:
> > >
> > > This means that missing CVE fixes are quite common with stable
> > > trees?
> > Until someone reports they are missing :-)
>
> Or they are unfixed upstream (there are a good few of those).
>
> Debian has a public list of all unembargoed kernel security issues that
> have CVEs (and a few that don't), with references to any upstream
> commits and fixed stable versions - but only for the stable branches
> that our stable releases follow.
>
> The mapping of CVE IDs to commits may be useful to other stable
> maintainers, even if the rest isn't.
>
> svn co svn://scm.alioth.debian.org/svn/kernel-sec/

Thanks for sharing this Ben, it can indeed be helpful sometimes and it's
well organized!

Willy

Next message: Jassi Brar: "Re: [PATCH 0/4] OMAP Mailbox legacy platform device support removal"
Previous message: Vinay Simha: "Re: [PATCH 2/2] drm/dsi: Implement DCS get display self diagnostic"
In reply to: Ben Hutchings: "Re: stable-security kernel updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]