Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process

From: Jiri Kosina
Date: Wed Feb 14 2024 - 09:39:46 EST

Next message: Felix Fietkau: "[PATCH net] netfilter: nf_tables: fix bidirectional offload regression"
Previous message: Roberto Sassu: "[RFC][PATCH 8/8] ima: Detect if digest cache changed since last measurement/appraisal"
In reply to: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 14 Feb 2024, Greg Kroah-Hartman wrote:

> The people that make up the current team, Lee, Sasha, and I, have a LONG
> history of fixing and triaging and managing security bugs for the
> kernel, in the community and in corporate environments. We know how to
> do this as we have been doing it for decades already.

Thanks for clarifying. Maybe the wording could use some more verbosity
then; one of my potential readings of it was "everything that gets picked
for -stable will get a CVE assigned".

> If you or anyone else wishes to help us out with this classification, we
> can gladly use the help.

Thanks, but no, thanks, I want to stay away from the CVE tragedy as far as
possible :)

--
Jiri Kosina
SUSE Labs

Next message: Felix Fietkau: "[PATCH net] netfilter: nf_tables: fix bidirectional offload regression"
Previous message: Roberto Sassu: "[RFC][PATCH 8/8] ima: Detect if digest cache changed since last measurement/appraisal"
In reply to: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]