Re: For discussion: security support strategy for the wheezy kernel

To: cut-team@lists.alioth.debian.org, secure-testing-team@lists.alioth.debian.org, debian-kernel@lists.debian.org
Subject: Re: For discussion: security support strategy for the wheezy kernel
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Mon, 7 Feb 2011 23:03:14 -0500
Message-id: <[🔎] 20110207230314.c81daa29.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] 20110207225453.d45c85dd.michael.s.gilbert@gmail.com>
References: <[🔎] 20110206175211.cd94ac24.michael.s.gilbert@gmail.com> <[🔎] 20110207015808.GA17747@gnu.kitenet.net> <[🔎] 20110207225453.d45c85dd.michael.s.gilbert@gmail.com>

On Mon, 7 Feb 2011 22:54:53 -0500 Michael Gilbert wrote:
> Even playing the numbers game with a bit more thoughtful analysis with
> the LWN data, lenny looks a lot better.  It can be seen that lenny
> (2.6.26) was vulnerable to 69% (36 out of 52) of the vulnerabilities
> listed there, and squeeze (2.6.32) was vulnerable to 98% (51 out of
> 52).  In my opinion that's a rather substantial difference, and thus a
> problem worth pondering.

Minor correction: lenny was vulnerable to 67% (35 out of 51) and
squeeze was vulnerable to 98% (50 out of 51).  I had missed the issue
that was fixed in 2.6.20 and didn't affect either releases.

Best wishes,
Mike

Reply to:

References:
- For discussion: security support strategy for the wheezy kernel
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>
- Re: For discussion: security support strategy for the wheezy kernel
  - From: Joey Hess <joeyh@debian.org>
- Re: For discussion: security support strategy for the wheezy kernel
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Re: For discussion: security support strategy for the wheezy kernel
Next by Date: Bug#585085: Issue detected in Squeeze
Previous by thread: Re: For discussion: security support strategy for the wheezy kernel
Next by thread: Re: For discussion: security support strategy for the wheezy kernel
Index(es):
- Date
- Thread