From: Kees Cook <keescook@chromium.org>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: corbet@lwn.net, workflows@vger.kernel.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
security@kernel.org, Sasha Levin <sashal@kernel.org>,
Lee Jones <lee@kernel.org>
Subject: Re: [PATCH] Documentation: Document the Linux Kernel CVE process
Date: Tue, 13 Feb 2024 14:35:24 -0800 [thread overview]
Message-ID: <202402131429.A604440C6@keescook> (raw)
In-Reply-To: <2024021314-unwelcome-shrill-690e@gregkh>
On Tue, Feb 13, 2024 at 07:48:12PM +0100, Greg Kroah-Hartman wrote:
> +No CVEs will be assigned for unfixed security issues in the Linux
> +kernel, assignment will only happen after a fix is available as it can
> +be properly tracked that way by the git commit id of the original fix.
This seems at odds with the literal definition of what CVEs are:
_vulnerability_ enumeration. This is used especially during the
coordination of fixes; how is this meant to interact with embargoed
vulnerability fixing?
Outside of that, I welcome the fire-hose of coming identifiers! I think
this will more accurately represent the number of fixes landing in
stable trees and how important it is for end users to stay current on
a stable kernel.
Reviewed-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
next prev parent reply other threads:[~2024-02-13 22:35 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-13 18:48 [PATCH] Documentation: Document the Linux Kernel CVE process Greg Kroah-Hartman
2024-02-13 19:09 ` Greg Kroah-Hartman
2024-02-13 19:20 ` Jonathan Corbet
2024-02-13 19:56 ` Randy Dunlap
2024-02-14 7:15 ` Greg Kroah-Hartman
2024-02-14 16:44 ` Randy Dunlap
2024-02-13 22:35 ` Kees Cook [this message]
2024-02-14 6:43 ` Greg Kroah-Hartman
2024-02-14 7:45 ` Greg Kroah-Hartman
2024-02-14 19:02 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202402131429.A604440C6@keescook \
--to=keescook@chromium.org \
--cc=corbet@lwn.net \
--cc=gregkh@linuxfoundation.org \
--cc=lee@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sashal@kernel.org \
--cc=security@kernel.org \
--cc=workflows@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.