Gentoo Archives: gentoo-security

From: Marius Mauch <genone@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Kernels and GLSAs
Date: Tue, 20 Sep 2005 12:51:12
Message-Id: 20050920144412.5b490e94@sven.genone.homeip.net
In Reply to: Re: [gentoo-security] Kernels and GLSAs by "Brian G. Peterson"
On Tue, 20 Sep 2005 07:16:36 -0500
"Brian G. Peterson" <brian@×××××××××.com> wrote:

> On Tuesday 20 September 2005 06:09 am, Calum wrote: > > I prefer the idea that tracking one source (GLSAs) would provide me > > with all the information I needed to keep my Gentoo boxes secure, > > but if we were all to change to a new system, perhaps the kernel > > GLSAs should have overlapped with this new system until it was in, > > tested, and adopted? > > While I think that kernels do need additional information to be > supplied about a potential security hole (kernel security problems > often occur in a module that many people may not use), I agree that > kernel vulnerabilities should be published as GLSAs. > > I subscribe to the GLSA RSS feed, and scan that feed manually against > my installed software list. The glsa-check tool is basically useless > (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just > GLSAs for tools that correspond to packages installed on the system > it is run on.
Can you explain this a bit more? glsa-check hasn't actually changed for a long time. Also make sure you don't confuse the --list option with the --test option. Marius -- Public Key at http://www.genone.de/info/gpg-key.pub In the beginning, there was nothing. And God said, 'Let there be Light.' And there was still nothing, but you could see a bit better.

Replies

Subject Author
Re: [gentoo-security] Kernels and GLSAs Steven G Davis <sgdavis@×××××××.com>
Re: [gentoo-security] Kernels and GLSAs "Brian G. Peterson" <brian@×××××××××.com>