lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 11 Apr 2016 13:08:31 -0600
From:	Jeff Merkey <linux.mdb@...il.com>
To:	Sasha Levin <sasha.levin@...cle.com>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	stable <stable@...r.kernel.org>, lwn@....net
Subject: Re: [ANNOUNCE] linux-stable security tree

On 4/11/16, Sasha Levin <sasha.levin@...cle.com> wrote:
> On 04/11/2016 02:34 PM, Jeff Merkey wrote:
>> On 4/11/16, Sasha Levin <sasha.levin@...cle.com> wrote:
>>> Hi all,
>>>
>>>
>>> I'd like to announce the linux-stable security tree project. The purpose
>>> is to create a derivative tree from the regular stable tree that would
>>> contain only commits that fix security vulnerabilities.
>>>
>>> Quite a few users of the stable trees pointed out that on complex
>>> deployments,
>>> where validation is non-trivial, there is little incentive to follow the
>>> stable tree after the product has been deployed to production. There is
>>> no
>>> interest in "random" kernel fixes and the only requirements are to keep
>>> up
>>> with security vulnerabilities.
>>>
>>> Given this, a few projects preferred to delay important kernel updates,
>>> and
>>> a few even stopped updating the tree altogether, exposing them to
>>> critical
>>> vulnerabilities.
>>>
>>> This project provides an easy way to receive only important security
>>> commits,
>>> which are usually only a few in each release, and makes it easy to
>>> incorporate
>>> them into existing projects.
>>>
>>> The tree is available at:
>>>
>>> 	https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/
>>>
>>> Support is provided for all active -stable trees
>>> (https://www.kernel.org/category/releases.html).
>>> Branches/tags for unsupported versions of >=3.0 kernels were also
>>> generated
>>> for reference.
>>>
>>>
>>> Thanks,
>>> Sasha
>>>
>>>
>>>
>>
>> Hi Sasha,
>>
>> [root@...-70-213-246 kernel]#
>> [root@...-70-213-246 kernel]#
>> [root@...-70-213-246 kernel]# git clone
>> https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git
>> Cloning into 'linux-stable-security'...
>> fatal: repository
>> 'https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/'
>> not found
>> [root@...-70-213-246 kernel]# git clone
>> https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git
>> Cloning into 'linux-stable-security'...
>> fatal: repository
>> 'https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/'
>> not found
>> [root@...-70-213-246 kernel]#
>
> Either of the following will let you clone it:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable-security.git
> https://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable-security.git
> https://kernel.googlesource.com/pub/scm/linux/kernel/git/sashal/linux-stable-security.git
>
>
> Thanks,
> Sasha
>


Thanks Guys,

:-)

Jeff

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ