Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 20 Feb 2008 17:51:47 -0800
From: Kees Cook <kees@...flux.net>
To: oss-security@...ts.openwall.com
Subject: Re: code review CVS

On Wed, Feb 20, 2008 at 12:28:44PM -0700, Vincent Danen wrote:
> I like the patch idea, however.  A "vendor patch" database of sorts
> would be nice (would save me from hunting from, say, ubuntu packages for
> a patch for something they already fixed, or looking at ubuntu for one,
> and SUSE for another because of version differences).

I'd really like to have at least a "how to find a patch for [distro],
release [version]".  I have an easier time finding Debian patches,
for example, since http://snapshot.debian.net/ exists.  Ubuntu is a
bit less patch-hunter-friendly in that regard, but we try to alway keep
patches external to from the source tree, so they're easy to locate from
change logs.  Doing this with src.rpms follows a similar convention,
but can sometimes get tricky too.  Finding them can sometimes be a chore
-- I always bang my head when looking for RHEL src.rpms.  :)

-Kees

-- 
Kees Cook                                            @outflux.net

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ