On Wed, 21 Aug 2013 16:22:28 +0400 Sergey Popov <pinkb...@gentoo.org> wrote:
> 21.08.2013 14:29, Tom Wijsman пишет: > > On Wed, 21 Aug 2013 13:42:56 +0400 > > You do draw assumptions, because you don't take a look; please do: > > > > https://bugs.gentoo.org/buglist.cgi?quicksearch=assignee%3Asecurity%40gentoo.org%20CC%3Akernel%40gentoo.org > > > > Sort by "Changed" such that the newest appear on top. > > > > And how should i must knew that these bugs related to particular > versions if they do not contain affected versions(i know that ALL > versions may be affected in particular time, but we are talking about > new stable kernel which bring fixes) and no dependant bugs in stable > request? How can i, not beeing member of Gentoo Kernel Team, discover > that it is security stabilization and which security bugs, registered > in our bugzilla, will gone when i will upgrad to it? Our dev 'ago' is on top of all that, but we really shouldn't rely on a single person; the lack of manpower causes uncertainty here, and it is because of that that we have to regard any stabilization as security. Given the kernel volume, I think even CVE's don't cover everything... > Honestly, we should revive Kernel Security subproject somehow, cause > this mess may confuse even ordinary developers. +1 The latest kernel related discussion(s) also make it clear there is a need for more documentation on how things currently work; because people that are not aware what happens upstream are making assumptions that don't reflect reality, and this makes it harder to reach consensus. With the hope of one or two people wanting to help out on genpatches (although I haven't heard from them lately); I'll try to document upstream's release cycle as well as how our current maintenance is done as part of the move to Gentoo Wiki, together with the rest we could then also clarify some kernel team policies and guidelines... -- With kind regards, Tom Wijsman (TomWij) Gentoo Developer E-mail address : tom...@gentoo.org GPG Public Key : 6D34E57D GPG Fingerprint : C165 AF18 AB4C 400B C3D2 ABF0 95B2 1FCD 6D34 E57D
signature.asc
Description: PGP signature
