Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
On Sunday, 17. February 2008, Eduardo Tongson wrote:
> What specific kernel knowledge is needed to get a Kernel advisory up
> and running ?
Between becoming aware of a vulnerability in Linux and drafting an advisory
for one or all kernel sources comes the part where you review which
versions of which kernel sources are affected and unaffected. You also
need to pay attention to specifics of the added patchsets, which might
duplicate vulnerabilities.
Parts of the job can indeed be done without Kernel and C knowledge, but
some cannot. So if we draft a new kernel security *team*, people without C
and kernel knowledge are helpful -- some others need to have it, though.
Robert
|
| Attachment: |
|
signature.asc (This is a digitally signed message part.)
|
|
