From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JQVys-00058R-QQ for garchives@archives.gentoo.org; Sat, 16 Feb 2008 22:58:03 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 270EFE05FE; Sat, 16 Feb 2008 22:57:27 +0000 (UTC) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.184]) by pigeon.gentoo.org (Postfix) with ESMTP id 36BC0E0555 for ; Sat, 16 Feb 2008 22:57:26 +0000 (UTC) Received: by rv-out-0910.google.com with SMTP id b22so846172rvf.46 for ; Sat, 16 Feb 2008 14:57:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=dvQYP2WMbOI1H18IsXaiO6XXuLmvoXlDiveSPoqj104=; b=hf8n1cBCOVubQvzbTbDKd2IZk80J+Xbl0w2ywNu4q0wT49qvXBpqNUcyIg8HXXZ5tviDim0n2tI9rOeiIzGZn2dN9XnT++uh6laWq4RY5UQLTNuRqrfcxhzeoUYB9Q3o3/7mIVkckZNr+C0/UmKz9OuQGbP5Gwxg8wwufv0blhg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=JxxixuIGCIRjwjhnoXz5WbFF1igvrJOzbQgjE+Bc0rEqbjgSKdjz/p6/fQmZuX2Tl0Tx2/BUJFdyVLdm1hXuHVQP09EU2iIX89U4e/+ZM75iKqa5nfUPmAFKfN71z0hQYcm4E9vLarl60aD4+cG/m94tk1zMerYwnjk4OA30Z3I= Received: by 10.141.34.12 with SMTP id m12mr2888746rvj.26.1203202643236; Sat, 16 Feb 2008 14:57:23 -0800 (PST) Received: by 10.141.114.9 with HTTP; Sat, 16 Feb 2008 14:57:23 -0800 (PST) Message-ID: Date: Sat, 16 Feb 2008 17:57:23 -0500 From: "Casey Link" To: gentoo-security@lists.gentoo.org Subject: [gentoo-security] Kernel Security + KISS Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-security@lists.gentoo.org Reply-to: gentoo-security@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Archives-Salt: 875fbf88-a75b-4a7b-b416-e3bae1b66f76 X-Archives-Hash: 684b5c1fe2970c2d4be05ba42e9ff4e8 After reading the tangent topic in bug id 209460 concerning kernel vulnerabilities and GLSAs I did some searching and came across the "Kernels and GLSAs" thread from awhile ago. I understand the logic behind not including kernel vulnerabilities in regular GLSAs but in that thread an up and coming solution (KISS) was mentioned. That was back in 2005 and now according to the Gentoo Kernel Security sub-project page the project is stalled. Whatever happened to the KISS project? I think notifying users of relevant kernel vulnerabilities is important and I would like to help if possible. What is the current state of things regarding kernel vulnerability reporting? Casey Link -- gentoo-security@lists.gentoo.org mailing list