Date: Wed, 13 May 2015 22:32:41 +0300 From: Solar Designer <solar@...nwall.com> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: oss-security@...ts.openwall.com Subject: Re: [PATCH 0/4] ozwpan: Four remote packet-of-death vulnerabilities Hi Jason, As mentioned on oss-security before, please don't ever cross-post anything to oss-security and a high-volume list at once, especially not to LKML or netdev. Please make separate postings instead. In this case, it would have been appropriate for you to send the patches to LKML, netdev, the relevant maintainers, etc. - and to post a summary to oss-security listing the vulnerabilities and mentioning that fixes are being discussed on LKML (ideally, you'd include links to LKML archives). This is sub-optimal in terms of having the relevant detail right in here, which is usually our preference, but cross-posting is just too problematic (ends up in too much noise in here). http://www.openwall.com/lists/oss-security/2015/01/21/3 Please help take these threads off oss-security now - but please do post summaries to oss-security, such as when fixes get committed. BTW, for patches that harden the Linux kernel rather than fix specific vulnerabilities, we host a mailing list here that you may CC: it's kernel-hardening. Given its purpose and focus, it is in fact appropriate (and even intended) to CC it on LKML postings. For specific vulnerability fixes, we host no such list here yet. We may set one up, or maybe the focus of kernel-hardening needs to be made broader. I welcome opinions on this matter. http://www.openwall.com/lists/kernel-hardening/ Thank you! Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.