lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <570BF4A5.2010808@oracle.com>
Date:	Mon, 11 Apr 2016 15:01:57 -0400
From:	Sasha Levin <sasha.levin@...cle.com>
To:	Jeff Merkey <linux.mdb@...il.com>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	stable <stable@...r.kernel.org>, lwn@....net
Subject: Re: [ANNOUNCE] linux-stable security tree

On 04/11/2016 02:17 PM, Jeff Merkey wrote:
> On 4/11/16, Sasha Levin <sasha.levin@...cle.com> wrote:
>> Hi all,
>>
>>
>> I'd like to announce the linux-stable security tree project. The purpose
>> is to create a derivative tree from the regular stable tree that would
>> contain only commits that fix security vulnerabilities.
>>
>> Quite a few users of the stable trees pointed out that on complex
>> deployments,
>> where validation is non-trivial, there is little incentive to follow the
>> stable tree after the product has been deployed to production. There is no
>> interest in "random" kernel fixes and the only requirements are to keep up
>> with security vulnerabilities.
>>
>> Given this, a few projects preferred to delay important kernel updates, and
>> a few even stopped updating the tree altogether, exposing them to critical
>> vulnerabilities.
>>
>> This project provides an easy way to receive only important security
>> commits,
>> which are usually only a few in each release, and makes it easy to
>> incorporate
>> them into existing projects.
>>
>> The tree is available at:
>>
>> 	https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/
>>
>> Support is provided for all active -stable trees
>> (https://www.kernel.org/category/releases.html).
>> Branches/tags for unsupported versions of >=3.0 kernels were also generated
>> for reference.
>>
>>
>> Thanks,
>> Sasha
>>
>>
>>
> 
> Hi Sasha,
> 
> Can you push a copy of this tree to github like Linus has done with
> torvalds/linux so folks who want to develop on it can fork it from
> there.

Sure! Now pushed to https://github.com/sashalevin/linux-stable-security


Thanks,
Sasha

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ