Gentoo Archives: gentoo-security

From: Robert Buchholz <rbu@g.o>
To: gentoo-security@l.g.o
Cc: Eduardo Tongson <propolice@×××××.com>
Subject: Re: [gentoo-security] Kernel Security + KISS
Date: Mon, 18 Feb 2008 04:13:42
Message-Id: 200802180512.35888.rbu@gentoo.org
In Reply to: Re: [gentoo-security] Kernel Security + KISS by Eduardo Tongson
On Sunday, 17. February 2008, Eduardo Tongson wrote:
> What specific kernel knowledge is needed to get a Kernel advisory up > and running ?
Between becoming aware of a vulnerability in Linux and drafting an advisory for one or all kernel sources comes the part where you review which versions of which kernel sources are affected and unaffected. You also need to pay attention to specifics of the added patchsets, which might duplicate vulnerabilities. Parts of the job can indeed be done without Kernel and C knowledge, but some cannot. So if we draft a new kernel security *team*, people without C and kernel knowledge are helpful -- some others need to have it, though. Robert

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-security] Kernel Security + KISS Harlan Lieberman-Berg <sysadmin@××××××××××××××××××××××××.com>