Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Calum <gentoo-security@...>
Subject: Re: Kernels and GLSAs
Date: Tue, 20 Sep 2005 15:31:06 +0100
Alec Warner wrote:

> Does anyone have a link to the no kernel GLSA news?

No link, I'm afraid. But here is an excerpt from the email I received:

"Thing is, we don't do Kernel GLSAs anymore : by the time all the kernel
sources in Portage get fixed, months had passed and the issue was
forgotten/exploited already.

It's in the process of being remplaced by an Kernel Interactive Security
Status system (called KISS) that will help assess the current
vulnerabilities of your running kernel and help you chose when to
upgrade, along with specific "vulnerability alerts" telling people that
new big vulnerabilities have been found and to look into KISS for
information on fixed kernels. Exploitable Local Root vulnerabilities
would certainly trigger such an alert.

For the moment, the best way to get informed is to monitor the "Kernel"
component of the "Gentoo Security" product. Now that summer time and
2005.1 are over, I expect that KISS will be opened soon."


This isn't finger pointing, or anything like that at all. Gentoo is the
best distro for me, and that's why I use it, and everyone working on it
does a great job. It's just that I relied on the GLSAs, and never heard
anything to say that they weren't doing kernel GLSAs any more.

Calum

-- 
gpg   : FC64 140F@...
jabber: calum@...
-- 
gentoo-security@g.o mailing list


References:
Kernels and GLSAs
-- Calum
Re: Kernels and GLSAs
-- Brian G. Peterson
Re: Kernels and GLSAs
-- W.Kenworthy
Re: Kernels and GLSAs
-- Alec Warner
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Kernels and GLSAs
Next by thread:
Re: Kernels and GLSAs
Previous by date:
Re: Kernels and GLSAs
Next by date:
Re: Kernels and GLSAs


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.