Re: [PATCH 1/2] Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group

From: Kees Cook
Date: Fri Jun 30 2023 - 14:14:13 EST

Next message: George Stark: "Re: [PATCH v6 5/9] drm/meson: gate px_clk when setting rate"
Previous message: Conor Dooley: "Re: [PATCH v2 1/2] dt-bindings: mmc: mtk-sd: drop assigned-clocks/clock-parents"
In reply to: Kees Cook: "Re: [PATCH 2/2] Documentation: security-bugs.rst: clarify CVE handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 30, 2023 at 09:14:20AM +0200, Greg Kroah-Hartman wrote:
> Because the linux-distros group forces reporters to release information
> about reported bugs, and they impose arbitrary deadlines in having those
> bugs fixed despite not actually being kernel developers, the kernel
> security team recommends not interacting with them at all as this just
> causes confusion and the early-release of reported security problems.
>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

Yeah, this is good. It might make sense to explicitly detail the
rationale in security-bugs.rst (as you have in the commit log), but
perhaps that's too much detail.

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook

Next message: George Stark: "Re: [PATCH v6 5/9] drm/meson: gate px_clk when setting rate"
Previous message: Conor Dooley: "Re: [PATCH v2 1/2] dt-bindings: mmc: mtk-sd: drop assigned-clocks/clock-parents"
In reply to: Kees Cook: "Re: [PATCH 2/2] Documentation: security-bugs.rst: clarify CVE handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]