Re: [stable] Linux 2.6.25.10

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <pageexec@...>

Cc: Andrew Morton <akpm@...>, <torvalds@...>, <linux-kernel@...>, <stable@...>

Date: Monday, July 14, 2008 - 8:04 am

Sorry for the delay, was on vacation...

On Thu, Jul 03, 2008 at 09:31:45PM +0200, pageexec@freemail.hu wrote:
quoted text> [spender's asked to be off the CC]

Chicken :)

quoted text> On 3 Jul 2008 at 11:57, Greg KH wrote:
> 
> > On Thu, Jul 03, 2008 at 10:29:14AM -0700, Greg KH wrote:
> > Adding 2 more addresses to this thread, as they were said to have
> > questions about this kernel release.
> 
> not only this one, but every commit for the past few years that fixed
> bugs with security impact. for reference:
> 
> http://lwn.net/Articles/285438/
> http://lwn.net/Articles/286263/
> http://lwn.net/Articles/287339/
> http://lwn.net/Articles/288473/

As I'm somewhere there is no web access, mind summarizing these if they
are relevant?

quoted text> > Again, if the above information is somehow insufficient as to what
> > exactly is fixed in the -stable releases, and anyone has questions about
> > how these release announcements are created, please let me know.
> 
> what is the disclosure policy used for commits fixing bugs with security
> impact (both vanilla and -stable, especially if there's a difference)?

What is outlined in Documentation/SecurityBugs.

quoted text> what do you include/omit?

Personally, I omit posting full "and here is explicitly how to exploit
this problem" notices as that is foolish.

But also remember that -stable releases are just a compilation of
patches that developers have sent to the stable developers, we use the
original commit messages as published in the main kernel tree, except
where the patch differs, which is rare.  So it's not like these releases
are any different than the main kernel releases on descriptions of
patches and issues surrounding them.

quoted text> how does it relate to what is declared in Documentation/SecurityBugs?

That deals with how security bugs that are sent to security@kernel.org
are handled, which is totally different from -stable releases, right?

thanks,

greg k-h
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Linux 2.6.25.10, Greg KH, (Wed Jul 2, 11:58 pm)

Re: Linux 2.6.25.10, Bart Van Assche, (Thu Jul 3, 1:08 pm)

Re: Linux 2.6.25.10, Greg KH, (Thu Jul 3, 1:29 pm)

Re: Linux 2.6.25.10, Bart Van Assche, (Sat Jul 5, 3:54 am)

Re: Linux 2.6.25.10, Greg KH, (Tue Jul 8, 12:12 am)

Re: Linux 2.6.25.10, Greg KH, (Thu Jul 3, 2:57 pm)

Re: Linux 2.6.25.10, , (Thu Jul 3, 3:31 pm)

Re: [stable] Linux 2.6.25.10, Greg KH, (Mon Jul 14, 8:04 am)

RE: [stable] Linux 2.6.25.10, David Schwartz, (Fri Jul 18, 8:47 pm)

RE: [stable] Linux 2.6.25.10, , (Fri Jul 18, 9:01 pm)

RE: [stable] Linux 2.6.25.10, David Schwartz, (Fri Jul 18, 9:51 pm)

Re: [stable] Linux 2.6.25.10, Willy Tarreau, (Sat Jul 19, 1:41 am)

Re: [stable] Linux 2.6.25.10, , (Mon Jul 14, 10:14 pm)

Re: [stable] Linux 2.6.25.10, Linus Torvalds, (Mon Jul 14, 10:27 pm)

Re: [stable] Linux 2.6.25.10, Tiago Assumpcao, (Tue Jul 15, 4:15 pm)

Re: [stable] Linux 2.6.25.10, Bernd Eckenfels, (Sat Jul 19, 9:13 pm)

Re: [stable] Linux 2.6.25.10, Tiago Assumpcao, (Tue Jul 15, 7:34 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 11:31 am)

Re: [stable] Linux 2.6.25.10, Theodore Tso, (Tue Jul 15, 2:33 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 4:28 pm)

Re: [stable] Linux 2.6.25.10, Greg KH, (Tue Jul 15, 6:39 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 7:09 pm)

Re: [stable] Linux 2.6.25.10, David Miller, (Tue Jul 15, 6:47 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 7:22 pm)

Re: [stable] Linux 2.6.25.10, David Miller, (Tue Jul 15, 7:35 pm)

Re: [stable] Linux 2.6.25.10, Tiago Assumpcao, (Tue Jul 15, 7:08 pm)

Re: [stable] Linux 2.6.25.10, David Miller, (Tue Jul 15, 7:21 pm)

Re: [stable] Linux 2.6.25.10, Tiago Assumpcao, (Tue Jul 15, 7:26 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 7:26 pm)

Re: [stable] Linux 2.6.25.10, Linus Torvalds, (Tue Jul 15, 12:07 pm)

Re: [stable] Linux 2.6.25.10, , (Tue Jul 15, 3:03 pm)

Re: [stable] Linux 2.6.25.10, Linus Torvalds, (Tue Jul 15, 3:16 pm)

Re: [stable] Linux 2.6.25.10, Linus Torvalds, (Tue Jul 15, 12:13 pm)

Re: [stable] Linux 2.6.25.10, Aidan Thornton, (Thu Jul 17, 5:08 pm)

Re: Linux 2.6.25.10, Greg KH, (Wed Jul 2, 11:58 pm)


linux-kernel:
david	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
DervishD	ext2 on flash memory
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Amit K. Arora	[RFC] Heads up on sys_fallocate()
git:

linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
David Miller	Re: iptables very slow after commit 784544739a25c30637397ace5489eeb6e15d7d49
openbsd-misc: