From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Krzysztof Kozlowski <krzk@kernel.org>
Cc: corbet@lwn.net, workflows@vger.kernel.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
security@kernel.org, Kees Cook <keescook@chromium.org>,
Sasha Levin <sashal@kernel.org>, Lee Jones <lee@kernel.org>
Subject: Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process
Date: Thu, 15 Feb 2024 13:00:32 +0100 [thread overview]
Message-ID: <2024021524-profanity-relearn-38d2@gregkh> (raw)
In-Reply-To: <75f89fc2-4b43-4311-bc84-03738dead5cc@kernel.org>
On Wed, Feb 14, 2024 at 02:10:07PM +0100, Krzysztof Kozlowski wrote:
> On 14/02/2024 09:00, Greg Kroah-Hartman wrote:
> > The Linux kernel project now has the ability to assign CVEs to fixed
> > issues, so document the process and how individual developers can get a
> > CVE if one is not automatically assigned for their fixes.
> >
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > Signed-off-by: Sasha Levin <sashal@kernel.org>
> > Signed-off-by: Lee Jones <lee@kernel.org>
> > ---
> > v3: fix up wording in security-bugs.rst based on the changes to the cve
> > assignment process from v1, thanks to a private reviewer for
> > pointing that out.
> > v2: Grammer fixes based on review from Randy
> > Updated paragraph about how CVE identifiers will be assigned
> > (automatically when added to stable trees, or ask us for one
> > directly before that happens if so desired)
> >
> > Documentation/process/cve.rst | 120 ++++++++++++++++++++++++
> > Documentation/process/index.rst | 1 +
> > Documentation/process/security-bugs.rst | 5 +-
>
> Great direction! Finally all these bugs we are fixing every release
> (thus in stable trees) will get proper attention via assigned CVEs.
>
> Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Thanks for the review!
greg k-h
next prev parent reply other threads:[~2024-02-15 12:00 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-14 8:00 [PATCH v3] Documentation: Document the Linux Kernel CVE process Greg Kroah-Hartman
2024-02-14 8:34 ` Lukas Bulwahn
2024-02-15 12:04 ` Greg Kroah-Hartman
2024-02-15 16:10 ` Oleksandr Natalenko
2024-02-15 17:49 ` Greg Kroah-Hartman
2024-02-14 8:37 ` Vegard Nossum
2024-02-15 11:50 ` Greg Kroah-Hartman
2024-02-15 12:24 ` Vegard Nossum
2024-02-16 8:28 ` Jani Nikula
2024-02-16 11:22 ` Greg Kroah-Hartman
2024-02-16 14:58 ` Jonathan Corbet
2024-02-17 7:31 ` [RFC] doc headings sweep Vegard Nossum
2024-02-17 16:34 ` Randy Dunlap
2024-02-19 21:05 ` Jonathan Corbet
2024-02-17 11:56 ` [PATCH v3] Documentation: Document the Linux Kernel CVE process Greg Kroah-Hartman
2024-02-14 13:10 ` Krzysztof Kozlowski
2024-02-15 12:00 ` Greg Kroah-Hartman [this message]
2024-02-14 13:41 ` Konstantin Ryabitsev
2024-02-15 11:59 ` Greg Kroah-Hartman
2024-02-14 13:43 ` Jiri Kosina
2024-02-14 13:55 ` Mark Brown
2024-02-14 14:32 ` Greg Kroah-Hartman
2024-02-14 14:46 ` Jiri Kosina
2024-02-14 15:10 ` Mark Brown
2024-02-14 13:58 ` Greg Kroah-Hartman
2024-02-14 14:38 ` Jiri Kosina
2024-02-14 15:09 ` Greg Kroah-Hartman
2024-02-15 8:17 ` Thorsten Leemhuis
2024-02-15 8:43 ` Greg Kroah-Hartman
2024-02-15 17:54 ` Michal Hocko
2024-02-15 18:20 ` Greg Kroah-Hartman
2024-02-15 18:36 ` Michal Hocko
2024-02-16 11:25 ` Greg Kroah-Hartman
2024-02-16 13:20 ` Michal Hocko
2024-02-16 15:34 ` Greg Kroah-Hartman
2024-02-16 16:51 ` Michal Hocko
2024-02-15 19:40 ` Kees Cook
2024-02-16 7:41 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024021524-profanity-relearn-38d2@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=corbet@lwn.net \
--cc=keescook@chromium.org \
--cc=krzk@kernel.org \
--cc=lee@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sashal@kernel.org \
--cc=security@kernel.org \
--cc=workflows@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.