1 |
On Monday 16 April 2007 20:31, Sune Kloppenborg Jeppesen wrote: |
2 |
> I agree that policy should be updated to reflect this but that got bogged |
3 |
> down by other issues last I tried. I'll try again. |
4 |
Ohh well, I must have dropped my memory somewhere I forgot:( |
5 |
|
6 |
I actually updated the Gentoo Linux Vulnerability Treatment Policy¹ last |
7 |
August to reflect that: |
8 |
|
9 |
"Kernels |
10 |
Currently kernels are not covered by the GLSA release process. |
11 |
Vulnerabilities must still be reported and will be fixed, but no GLSA will be |
12 |
issued when everything is solved. |
13 |
Note: This policy should be changed when new tools are added to cover |
14 |
security vulnerabilities affecting the different kernel sources." |
15 |
|
16 |
¹ http://www.gentoo.org/security/en/vulnerability-policy.xml |
17 |
|
18 |
-- |
19 |
Sune Kloppenborg Jeppesen |
20 |
Gentoo Linux Security Team |