oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PATCH 0/4] ozwpan: Four remote packet-of-death vulnerabilities

From: Solar Designer <solar () openwall com>
Date: Wed, 13 May 2015 22:32:41 +0300
Hi Jason,

As mentioned on oss-security before, please don't ever cross-post
anything to oss-security and a high-volume list at once, especially not
to LKML or netdev.  Please make separate postings instead.  In this
case, it would have been appropriate for you to send the patches to
LKML, netdev, the relevant maintainers, etc. - and to post a summary to
oss-security listing the vulnerabilities and mentioning that fixes are
being discussed on LKML (ideally, you'd include links to LKML archives).
This is sub-optimal in terms of having the relevant detail right in
here, which is usually our preference, but cross-posting is just too
problematic (ends up in too much noise in here).

http://www.openwall.com/lists/oss-security/2015/01/21/3

Please help take these threads off oss-security now - but please do post
summaries to oss-security, such as when fixes get committed.

BTW, for patches that harden the Linux kernel rather than fix specific
vulnerabilities, we host a mailing list here that you may CC: it's
kernel-hardening.  Given its purpose and focus, it is in fact
appropriate (and even intended) to CC it on LKML postings.  For specific
vulnerability fixes, we host no such list here yet.  We may set one up,
or maybe the focus of kernel-hardening needs to be made broader.
I welcome opinions on this matter.

http://www.openwall.com/lists/kernel-hardening/

Thank you!

Alexander
Previous By Date Next
Previous By Thread Next

Current thread: