lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080715223910.GA6500@kroah.com>
Date:	Tue, 15 Jul 2008 15:39:10 -0700
From:	Greg KH <greg@...ah.com>
To:	pageexec@...email.hu
Cc:	Theodore Tso <tytso@....edu>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, stable@...nel.org
Subject: Re: [stable] Linux 2.6.25.10

On Tue, Jul 15, 2008 at 10:28:44PM +0200, pageexec@...email.hu wrote:
> Ted, the discussion is *not* about what the best disclosure policy
> would be for the kernel. the problem i raised was that there's one
> declared policy in Documentation/SecurityBugs (full disclosure) yet
> actual actions are completely different and now Linus even admitted
> it.

Huh?

How does what is described there differ from what Linus said, or the
-stable team has been doing so far?

What specifically are you asking for that is different?

The -stable commits are exactly the same as they are in mainline
(Linus's tree).  Are you upset by the fact that I am not saying, "Hey,
look, here's a bugfix that might be security related and here's how to
reproduce it!" in big flashing letters?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ