oss-sec mailing list archives

Re: Linux kernel CVEs not mentioned on oss-security

From: Simon McVittie <smcv () debian org>
Date: Tue, 26 Sep 2017 07:55:56 +0100

On Mon, 25 Sep 2017 at 21:50:59 +0000, Priedhorsky, Reid wrote:

2. Is there another source of comprehensive coverage of vulnerabilities
in the Linux kernel, including but not necessarily limited to all CVEs
issued for it?


https://security-tracker.debian.org/tracker/source-package/linux is
probably not comprehensive either, but should include all the
non-embargoed CVEs and other vulnerabilities that the Debian security team
is aware of, including vulnerabilities that were assessed as too minor
to justify a Debian security advisory.

(The same works for any other Debian source package, e.g.
https://security-tracker.debian.org/tracker/source-package/ioquake3 is
a less extreme case.)

Regards,
    smcv

Current thread:

Linux kernel CVEs not mentioned on oss-security Priedhorsky, Reid (Sep 25)
- Re: Linux kernel CVEs not mentioned on oss-security Kurt Seifried (Sep 25)
  - Re: Linux kernel CVEs not mentioned on oss-security Priedhorsky, Reid (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Simon McVittie (Sep 25)
- Re: Linux kernel CVEs not mentioned on oss-security Moritz Muehlenhoff (Sep 26)
- Re: Linux kernel CVEs not mentioned on oss-security Agostino Sarubbo (Sep 26)
  - Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 26)
    - Re: Linux kernel CVEs not mentioned on oss-security Nicholas Luedtke (Sep 26)
    - Re: Linux kernel CVEs not mentioned on oss-security Agostino Sarubbo (Sep 26)
    - Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 26)
    - Re: Linux kernel CVEs not mentioned on oss-security Muhammed Mustapha Abiola (Sep 27)
    - Re: Linux kernel CVEs not mentioned on oss-security Solar Designer (Sep 27)
    - Re: Linux kernel CVEs not mentioned on oss-security Greg KH (Sep 27)
    - Re: Linux kernel CVEs not mentioned on oss-security Solar Designer (Sep 27)

(Thread continues...)