| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230305220010.20895-6-vegard.nossum@oracle.com>
Date: Sun, 5 Mar 2023 23:00:08 +0100
From: Vegard Nossum <vegard.nossum@...cle.com>
To: Jonathan Corbet <corbet@....net>, linux-doc@...r.kernel.org,
Jiri Kosina <jkosina@...e.cz>,
Solar Designer <solar@...nwall.com>,
Will Deacon <will@...nel.org>, Willy Tarreau <w@....eu>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, Amit Shah <aams@...zon.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
David Woodhouse <dwmw@...zon.co.uk>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Kees Cook <keescook@...omium.org>,
Laura Abbott <labbott@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Mauro Carvalho Chehab <mchehab@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Thorsten Leemhuis <linux@...mhuis.info>,
Tyler Hicks <tyhicks@...ux.microsoft.com>,
Vegard Nossum <vegard.nossum@...cle.com>
Subject: [PATCH v3 5/7] Documentation/security-bugs: add table of lists
Give an overview of the full process the start of the document.
This makes it clear 1) in what order the lists should be contacted,
and 2) the purpose of each list.
Thanks to Jonathan Corbet and Mauro Carvalho Chehab for providing
the readable markup for the table.
Link: https://lore.kernel.org/all/20220604014317.79eb23db@sal.lan/
Suggested-by: Jonathan Corbet <corbet@....net>
Suggested-by: Mauro Carvalho Chehab <mchehab@...nel.org>
Signed-off-by: Vegard Nossum <vegard.nossum@...cle.com>
---
Documentation/process/security-bugs.rst | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/Documentation/process/security-bugs.rst b/Documentation/process/security-bugs.rst
index 2dd6569a7abb..61742dcfea50 100644
--- a/Documentation/process/security-bugs.rst
+++ b/Documentation/process/security-bugs.rst
@@ -18,7 +18,26 @@ vulnerability.
Note that the main interest of the kernel security list is in getting
bugs fixed and getting patches reviewed, tested, and merged; CVE
assignment, disclosure to distributions, and public disclosure happen on
-different lists with different people.
+different lists with different people, as described below.
+
+Here is a quick overview of the various lists:
+
+ =============================== ===== =================== ===============
+ List address Open? Purpose Members
+ =============================== ===== =================== ===============
+ security@...nel.org no | Reporting Trusted kernel
+ | Patch development developers
+ ------------------------------- ----- ------------------- ---------------
+ linux-distros@...openwall.org no | Coordination Distribution
+ | CVE assignment representatives
+ | Backporting
+ | Testing
+ ------------------------------- ----- ------------------- ---------------
+ oss-security@...ts.openwall.com yes | Disclosure General public
+ =============================== ===== =================== ===============
+
+The following sections give a step-by-step guide to reporting and
+disclosure.
Contacting the security list
----------------------------
--
2.40.0.rc1.2.gd15644fe02
Powered by blists - more mailing lists