[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Secure-testing-team] DTSA for 2.6.8 and 2.4.27

Micah Anderson wrote:
> I think it would be a good idea to get a DTSA (Debian Testing Security
> Advisory) issued for 2.4.27 and 2.6.8. 
>       
> Neither of these advisories is a typical DTSA, as we normally we only do
> advisories for things that are blocked from reaching testing by some other
> issue, but I think that it would be good to do these two advisories because
> of the sheer number of security holes fixed as well as the necessary upgrade
> path that people need to take if they wish to maintain the integrity of
> their machines.

Good idea, but I'd suggest to make a clean-sweep run over all kernel
issues before. Some entries definitely need updating, (wrt to 2.4/2.6
mapping and IIRC Horms has some mails pending as well, he told me some days
ago. Also several more issues should receive a CVE mapping.

Wrt keeping a complete history we should also move the entries based on
older kernel-source packages to linux-2.6, as this will be the new
permanent source package for 2.6 kernels.

Cheers,
         Moritz
Reply to: