444149 – Please document how to handle Kernel security bugs

Bug 444149 - Please document how to handle Kernel security bugs

Summary: Please document how to handle Kernel security bugs

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Misc (show other bugs)
Hardware:	All Linux

Importance:	Normal normal with 1 vote (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Duplicates (1):	474058 (view as bug list)
Depends on:
Blocks:

Reported:	2012-11-21 11:24 UTC by Agostino Sarubbo
Modified:	2022-10-16 14:01 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2012-11-21 11:24:12 UTC

As per $summary, in http://www.gentoo.org/security/en/vulnerability-policy.xml I didn't see how to handle the security bugs. Please document it.

Comment 1 Agostino Sarubbo gentoo-dev

2013-03-17 16:21:58 UTC

Any news here?

Comment 2 Agostino Sarubbo gentoo-dev

2013-12-27 17:42:31 UTC

A point of start, from the rbu directory, is located at:

http://dev.gentoo.org/~ago/kernsecbugz.txt

Comment 3 Sean Amoss (RETIRED) gentoo-dev

2014-12-10 00:14:58 UTC

*** Bug 474058 has been marked as a duplicate of this bug. ***

Comment 4 John Helmert III archtester

2022-10-16 14:01:46 UTC

I'd like to stop treating the kernel as special and release GLSAs for our supported kernels just as other packages. I've moved the supported kernel table from the Kernel Security project page to the root Security project page:

https://wiki.gentoo.org/wiki/Project:Security#Supported_kernel_sources

And I'd like TO eventually replace that table with the content from this page to make it even clear that the kernel shouldn't be treated as unique:

https://wiki.gentoo.org/wiki/User:Ajak/scratch#Supported_Software