Gentoo Logo
Gentoo Spaceship

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
To: gentoo-security@g.o
From: Carsten Lohrke <carlo@g.o>
Subject: Re: Kernels and GLSAs
Date: Tue, 20 Sep 2005 19:50:35 +0200
On Tuesday 20 September 2005 18:15, Thierry Carrez wrote:
> Carsten Lohrke wrote:
> > This is indeed a problem. But the user expects a single point of
> > information about vulnerabilities from a distribution - and he's
> > absolutely right to do so.
> No, the user expects a single information channel. If we release Kernel
> alerts (GLKAs) in the same media as GLSAs (gentoo-announce, forums and
> RSS feed) he will get both. We can even name them "GLSAs" if that makes
> you feel better. They just won't have the same contents and won't be
> used by the same tools (see my explanation about glsa-check dealing with
> installed packages rather than with currently used kernel).

I think you got me wrong here, I meant absolutely the same as you. The point 
is I never saw any GLKA and no GLSA regarding kernel issues for quite a while 
and while I do not follow the kernel development closely and 
results in 404 since some time, I'm pretty sure there is quite a number of 
open vulnerabilities - at least in the latest stable 2.4.x kernel.

> Thing is, we can't fix all kernel issues in time for *any* source. By
> listing vulnerabilities rather than fixes, we :

What's the reason? The kernel is of course a bit more critical than Does the 
kernel herd need more time fixing and testing, do the arch herds need more 
time testing, lack of man power?

pgp4bhOW4rVFH.pgp (PGP signature)
Kernels and GLSAs
-- Calum
Re: Kernels and GLSAs
-- Carsten Lohrke
Re: Kernels and GLSAs
-- Thierry Carrez
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Kernels and GLSAs
Next by thread:
Re: Kernels and GLSAs
Previous by date:
Re: Kernels and GLSAs
Next by date:
Re: Kernels and GLSAs

Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.