[Secure-testing-team] Kernel vulnerabilities in sarge-checks
Joey Hess
joeyh at debian.org
Tue Mar 22 18:55:54 UTC 2005
Dominic Hargreaves wrote:
> I noticed that while kernel vulns appear as kernel-source packages, we
> are not tracking the various kernel-image packages. Should we not also
> be doing this? As an example, I note that there are many
> vulnerabilities fixed in kernel-source-2.6.8 2.6.8-14, but that
> kernel-image-2.6.8-i386 has still not been built against it (and neither
> has any bug been filed against it).
The kernel team plans yet another release after -14 with more security
holes fixed and the one that caused the ABI change probably backed out,
and are not planning more uploads for -14 AFAIK, so I've held off trying
to track it.
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050322/2c0d9986/attachment.pgp
More information about the Secure-testing-team
mailing list