Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 22 May 2009 15:27:31 -0600
From: dann frazier <dannf@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: Linux kernels and security issues?

On Fri, May 22, 2009 at 10:42:52PM +0200, Moritz Muehlenhoff wrote:
> On Fri, May 22, 2009 at 12:19:53AM +0200, Hanno Böck wrote:
> > 
> > What I'd like to have is a short list of all security relevant changes, 
> > including some information giving me hints if I may be affected (i.e. affects 
> > core functionality or only a driver, filesystem, protocol I may or may not 
> > use). Is there some place in the net providing such information?
> > If someone (ocert?) wants to do the free software world a big favor, this 
> > would be really a great service.
> 
> Debian collects information on all kernel security issues in a public
> SVN repo. It contains information on fixed versions, upstream
> commits and external information sources (e.g. other distribution bug
> trackers). It might be useful to you:
> http://svn.debian.org/wsvn/kernel-sec
> You can also subscribe to the SVN commit mailing list to get instant
> updates.

Yes - and this project is open to members of upstream/other distros if
anyone is interested.

> However, writing verbose advisories on all kernel security issues would
> be an Herculean task; we currently track 484 kernel security issues
> in the kernel-sec tracker...


-- 
dann frazier

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ