After reading the tangent topic in bug id 209460 concerning kernel
vulnerabilities and GLSAs I did some searching and
came across the "Kernels and GLSAs" thread from awhile ago.
I understand the logic behind not including kernel vulnerabilities in
regular GLSAs but in that thread
an up and coming solution (KISS) was mentioned. That was back in 2005
and now according to the Gentoo Kernel Security sub-project page the
project is stalled. Whatever happened to the KISS project?
I think notifying users of relevant kernel vulnerabilities is
important and I would like to help if possible. What is the current
state of things regarding kernel vulnerability reporting?
firstname.lastname@example.org mailing list