Security bug in bash: http://seclists.org/oss-sec/2014/q3/649
/Sona > -----Original Message----- > From: Burton, Ross [mailto:ross.bur...@intel.com] > Sent: den 24 september 2014 22:59 > To: Sona Sarmadi > Cc: Jolley, Stephen K; yocto@yoctoproject.org > Subject: Re: [yocto] Minutes: Yocto Project Technical Team Meeting - > Tuesday, September 9, 2014 8:00 AM US Pacific Time > > On 24 September 2014 12:44, Sona Sarmadi <sona.sarm...@enea.com> > wrote: > >> As well as security fixes for the kernel, do you also cover security > >> fixes for the userspace (i.e. everything else in oe-core)? Help > >> keeping the rest of the system safe, and relevant fixes backported to > >> the stable releases, is always welcome. > > > > Yes, we monitor oss-security public mailing list, as soon a new > > vulnerability > (CVE) in the Linux kernel or userspace is announced in that list, we try to > catch them and backport all which are relevant. We look for other sources as > well but oss-securiy (oss-secur...@lists.openwall.com) is a good > source/mailing list/ to detect vulnerabilities in open source products (kernel > & userspace). > > > Well this is convenient timing... I'm sure you've noticed the CVE in bash, > will > your team be able to submit patches for the releases we are supporting (1.4 > onwards)? > > Ross -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto