Linux kernels and security issues?

[Hanno Böck <hanno () hboeck de>]

Hi,

As we know, the linux kernel guys have security policies one can find 
questionable.

Though, I'm asking myself how to handle that? For 2.6.29.3, I read (here) that 
an exploit is floating around (can be found on milw0rm) - so I pretty much 
noted that it's probably a good idea to update.

Now we have 2.6.29.4 and I don't know if I should update again - I have some 
production servers where I'd like to avoid rebooting too often. The Changelog 
of a kernel minor release usually consists of several dozent entries - with 
lots of them I don't understand.

What I'd like to have is a short list of all security relevant changes, 
including some information giving me hints if I may be affected (i.e. affects 
core functionality or only a driver, filesystem, protocol I may or may not 
use). Is there some place in the net providing such information?
If someone (ocert?) wants to do the free software world a big favor, this 
would be really a great service.

-- 
Hanno Böck              Blog:           http://www.hboeck.de/
GPG: 3DBD3B20           Jabber/Mail:    hanno () hboeck de
http://ausdenaugenausdemsinn.de - Kein Sicherheitsrabatt für CO2-Speicher
http://tinyurl.com/dceu73 - Internetzensur stoppen!

http://schokokeks.org - professional webhosting

Attachment: signature.asc
Description: This is a digitally signed message part.