Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 23 May 2022 08:34:31 +0200
From: Greg KH <greg@...ah.com>
To: Sam James <sam@...too.org>
Cc: oss-security@...ts.openwall.com, seth.arnold@...onical.com
Subject: Re: linux-distros list policy and Linux kernel

On Sun, May 22, 2022 at 08:55:50PM +0100, Sam James wrote:
> I'd also like to ask that the final commit messages please reference any
> relevant CVEs or at least the security impact. There've been a fair number
> of incidents where such information is stripped and it makes tracking
> issues *really* hard.

That is pretty much impossible and goes against the whole goal of "get
this fixed and in a public tree and only tell the world that it was an
issue after-the-fact" way that the kernel team works.  If we put all of
that in the commit to start with, the whole world knows this info.  We
can't go back in time and change git commits for obvious reasons.

thanks,

gre gk-h

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.