lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 16 Jul 2008 07:43:47 -0700
From:	Greg KH <greg@...ah.com>
To:	pageexec@...email.hu
Cc:	Tiago Assumpcao <tiago@...umpcao.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, stable@...nel.org
Subject: Re: [stable] Linux 2.6.25.10

On Wed, Jul 16, 2008 at 11:01:51AM +0200, pageexec@...email.hu wrote:
> On 15 Jul 2008 at 20:13, Greg KH wrote:
> 
> > On Tue, Jul 15, 2008 at 10:10:19PM -0300, Tiago Assumpcao wrote:
> > >
> > > All I ask for is to receive the "There are updates available." message as 
> > > soon as one security problem is reported, understood and treated by your 
> > > development part. And that is, the sooner possible, if you please.
> > 
> > Do we not already do this today?  I know I do this as soon as possible
> > for any reported problem for the -stable tree, as soon as the fix is in
> > Linus's tree.
> > 
> > See the 2.6.25.11 release for an example of this.
> 
> very good example of how you actually do *not* do what you claim. find me
> the word 'security' in your announcement. it's not there. amazing, isn't it.

No, it was a consious decision to do just to piss you off, glad to see
it worked :)

Come on, give me a break, Tiago asked that we do releases as soon as we
know about a security problem.  2.6.25.11 was released because of this,
and all users were told to upgrade.  Is the fact that I add the magic
word "security" in a sentance in the email some specific requirement
that will make you happy?

Take a look at the words I used, if someone can't determine if they
should upgrade or not based on that, then they need to rely on a company
to provide updates for them, and not be running their own kernels
because they really have no clue about system management.

Bah, what a joke.

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ