oss-sec mailing list archives
Re: Linux kernel CVEs not mentioned on oss-security
From: Moritz Muehlenhoff <jmm () debian org>
Date: Tue, 26 Sep 2017 09:01:10 +0200
Priedhorsky, Reid wrote:
1. Is oss-security’s coverage of security issues in open-source software intended to be comprehensive? If so, this appears not to be true for the Linux kernel.
No, it's not. oss-security is just another mailing list to report security vulnerabilities, and not a canonical source.
2. Is there another source of comprehensive coverage of vulnerabilities in the Linux kernel, including but not necessarily limited to all CVEs issued for it?
This Debian repo has data on all public kernel vulnerabilities affecting the mainline Linux kernel: https://anonscm.debian.org/viewvc/kernel-sec/ Cheers, Moritz
Current thread:
- Linux kernel CVEs not mentioned on oss-security Priedhorsky, Reid (Sep 25)
- Re: Linux kernel CVEs not mentioned on oss-security Kurt Seifried (Sep 25)
- Re: Linux kernel CVEs not mentioned on oss-security Priedhorsky, Reid (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Simon McVittie (Sep 25)
- Re: Linux kernel CVEs not mentioned on oss-security Moritz Muehlenhoff (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Agostino Sarubbo (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Nicholas Luedtke (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Agostino Sarubbo (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Muhammed Mustapha Abiola (Sep 27)
- Re: Linux kernel CVEs not mentioned on oss-security Solar Designer (Sep 27)
- Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 27)
- Re: Linux kernel CVEs not mentioned on oss-security Solar Designer (Sep 27)
- Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 28)
- Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Kurt Seifried (Sep 25)