From: Ben Hutchings <ben@decadent.org.uk>
To: Willy Tarreau <w@1wt.eu>, Sasha Levin <sasha.levin@oracle.com>
Cc: Jiri Slaby <jslaby@suse.cz>, Greg KH <greg@kroah.com>,
LKML <linux-kernel@vger.kernel.org>,
stable <stable@vger.kernel.org>,
lwn@lwn.net
Subject: Re: stable-security kernel updates
Date: Tue, 26 Apr 2016 01:14:13 +0200 [thread overview]
Message-ID: <1461626053.14569.30.camel@decadent.org.uk> (raw)
In-Reply-To: <20160421143325.GC9930@1wt.eu>
[-- Attachment #1: Type: text/plain, Size: 905 bytes --]
On Thu, 2016-04-21 at 16:33 +0200, Willy Tarreau wrote:
> On Thu, Apr 21, 2016 at 10:27:46AM -0400, Sasha Levin wrote:
> >
> > This means that missing CVE fixes are quite common with stable
> > trees?
> Until someone reports they are missing :-)
Or they are unfixed upstream (there are a good few of those).
Debian has a public list of all unembargoed kernel security issues that
have CVEs (and a few that don't), with references to any upstream
commits and fixed stable versions - but only for the stable branches
that our stable releases follow.
The mapping of CVE IDs to commits may be useful to other stable
maintainers, even if the rest isn't.
svn co svn://scm.alioth.debian.org/svn/kernel-sec/
Ben.
--
Ben Hutchings
The generation of random numbers is too important to be left to chance.
- Robert Coveyou
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2016-04-25 23:14 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-20 19:50 stable-security kernel updates Sasha Levin
2016-04-21 6:43 ` Jiri Slaby
2016-04-21 7:11 ` Willy Tarreau
2016-04-21 11:27 ` Sasha Levin
2016-04-21 12:36 ` Greg KH
2016-04-21 14:01 ` Sasha Levin
2016-04-21 14:12 ` Willy Tarreau
2016-04-21 11:11 ` Sasha Levin
2016-04-21 11:59 ` Jiri Slaby
2016-04-21 12:05 ` Jiri Slaby
2016-04-21 12:39 ` Greg KH
2016-04-21 12:50 ` Willy Tarreau
2016-04-21 13:54 ` Sasha Levin
2016-04-21 14:13 ` Jiri Slaby
2016-04-21 14:19 ` Willy Tarreau
2016-04-21 14:27 ` Sasha Levin
2016-04-21 14:33 ` Willy Tarreau
2016-04-25 23:14 ` Ben Hutchings [this message]
2016-04-26 4:40 ` Willy Tarreau
2016-04-21 13:53 ` Sasha Levin
2016-04-21 14:54 ` Jiri Slaby
2016-04-21 15:50 ` Sasha Levin
2016-04-21 19:32 ` Sasha Levin
2016-04-21 12:26 ` Bjørn Mork
2016-04-21 12:56 ` Willy Tarreau
2016-04-21 14:16 ` Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1461626053.14569.30.camel@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=greg@kroah.com \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=lwn@lwn.net \
--cc=sasha.levin@oracle.com \
--cc=stable@vger.kernel.org \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).