Re: Linux Kernel Audit Project?

[John Richard Moser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Diego Calleja wrote:
> El Mon, 17 Jan 2005 02:40:06 -0500 John Richard Moser <nigelenki@xxxxxxxxxxx> escribió:
> 
> 
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>On the same line, I've been graphing Ubuntu Linux Security Notices for a
>>while.  I've noticed that in the last 5, the number of kernel-related
>>vulnerabilities has doubled (3 more).  This disturbs me.
> 
> 
> 
> Most of the latest (ie: 2004) serious kernel holes (if not all) have been
> found by the isec.pl guys (http://www.isec.pl/vulnerabilities.html), specially
> Paul Starzetz. While they're not a "auditing project", the effect they're
> having is the same.
> 

sweet.

> 
> (By the way, secunia reports that 48% of the vulnerabilities reported for
> the linux kernel are not patched http://secunia.com/product/2719/ . I guess
> they can't notice when bugs are fixed but I hope there's not any open hole
> left)

There's probably open holes.  Never assume there's not.

> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB6/7shDd4aOud5P8RAuMXAJ4rv2TMVALf7OD1omtXd9QrY4Qz3wCeO1Y3
MIjR3sUE2D4xWbXrkeMbOWE=
=hmFl
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/