Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
On 26 September 2010 11:31, Richard Freeman <rich0@g.o> wrote:
> Gentoo has been vulnerable to a highly-publicized (Guardian, Slashdot,
> the works) local privilege escalation for almost two weeks now. (Well,
> it has been vulnerable for years, but of course we didn't know about it
> until two weeks ago.)
>
> In the bugzilla thread tracking the problem it has been mentioned a few
> times that the kernel does not receive GLSA support:
> http://bugs.gentoo.org/show_bug.cgi?id=337645
Kernels used to be covered in GLSAs.
I mourned the loss of kernel GLSAs quite a while back.
http://blog.gmane.org/gmane.linux.gentoo.security/month=20070401
Kernels used to be included, but apparently it was too much work
getting all the version kernel versions in sync.
I used to have script that emailed me applicable GLSAs, and I never
heard that they stopped including the kernel, so I was miffed when I
found out.
I still don't understand why there isn't a single security alert point
of reference that covers everything on a Gentoo box though.
What would it take to get kernels included again?
/meh.
PS. Hardened Gentoo still rocks though.
|
|
