Bug 444149

Summary:	Please document how to handle Kernel security bugs
Product:	Gentoo Security	Reporter:	Agostino Sarubbo <ago>
Component:	Misc	Assignee:	Gentoo Security <security>
Status:	CONFIRMED ---
Severity:	normal	CC:	jstein, kernel, mihais23
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Agostino Sarubbo gentoo-dev

2012-11-21 11:24:12 UTC

As per $summary, in http://www.gentoo.org/security/en/vulnerability-policy.xml I didn't see how to handle the security bugs. Please document it.

Comment 1 Agostino Sarubbo gentoo-dev

2013-03-17 16:21:58 UTC

Any news here?

Comment 2 Agostino Sarubbo gentoo-dev

2013-12-27 17:42:31 UTC

A point of start, from the rbu directory, is located at:

http://dev.gentoo.org/~ago/kernsecbugz.txt

Comment 3 Sean Amoss (RETIRED) gentoo-dev

2014-12-10 00:14:58 UTC

*** Bug 474058 has been marked as a duplicate of this bug. ***

Comment 4 John Helmert III archtester

2022-10-16 14:01:46 UTC

I'd like to stop treating the kernel as special and release GLSAs for our supported kernels just as other packages. I've moved the supported kernel table from the Kernel Security project page to the root Security project page:

https://wiki.gentoo.org/wiki/Project:Security#Supported_kernel_sources

And I'd like TO eventually replace that table with the content from this page to make it even clear that the kernel shouldn't be treated as unique:

https://wiki.gentoo.org/wiki/User:Ajak/scratch#Supported_Software