[Secure-testing-team] DTSA for 2.6.8 and 2.4.27
Moritz Muehlenhoff
jmm at inutil.org
Fri Sep 9 12:49:18 UTC 2005
Micah Anderson wrote:
> I think it would be a good idea to get a DTSA (Debian Testing Security
> Advisory) issued for 2.4.27 and 2.6.8.
>
> Neither of these advisories is a typical DTSA, as we normally we only do
> advisories for things that are blocked from reaching testing by some other
> issue, but I think that it would be good to do these two advisories because
> of the sheer number of security holes fixed as well as the necessary upgrade
> path that people need to take if they wish to maintain the integrity of
> their machines.
Good idea, but I'd suggest to make a clean-sweep run over all kernel
issues before. Some entries definitely need updating, (wrt to 2.4/2.6
mapping and IIRC Horms has some mails pending as well, he told me some days
ago. Also several more issues should receive a CVE mapping.
Wrt keeping a complete history we should also move the entries based on
older kernel-source packages to linux-2.6, as this will be the new
permanent source package for 2.6 kernels.
Cheers,
Moritz
More information about the Secure-testing-team
mailing list