| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080610201218.GM4018@sequoia.sous-sol.org> Date: Tue, 10 Jun 2008 13:12:23 -0700 From: Chris Wright <chrisw@...s-sol.org> To: linux-kernel@...r.kernel.org Subject: Re: Linux 2.6.25.6 * markus reichelt (ml@...eichelt.de) wrote: > * Henrique de Moraes Holschuh <hmh@....eng.br> wrote: > > On Mon, 09 Jun 2008, Chris Wright wrote: > > > We (the -stable team) are announcing the release of the 2.6.25.6 > > > kernel. > > > > > > It contains a number of assorted bugfixes all over the tree. Users are > > > encouraged to update. > > > > It also contains at least one security bugfix, as some were quick > > to point out in not-so-kind words: > > > > http://lwn.net/Articles/285438/ > > I agree that security bugfixes should be pointed out more clearly. I don't think anybody is disagreeing with that. It's not always obvious to bug submitters or fixers what the security implications are. While Brad has a good point, esp. w.r.t. the specific cpufreq bug he picked out having security implications, it is not true that we are actively hiding security bugs. Had I realized there was a security issue, I would highlight it in the announce message. In fact, that's our standard procedure for -stable. thanks, -chris -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists