Greg K-H (npub1hfe…k5ww)
Will be interesting to see how the new process[1] plays together with "participation in stable is optional for mainline developers" and the "developers almost never declare specific changes as security fixes"[2] approach I assume still holds true for mainline.
I sounds like it could easily happen that someone fixes a security bug in mainline w/o telling anybody, so no CVE would be issued unless someone backports the change.
[1] https://lore.kernel.org/lkml/2024021314-unwelcome-shrill-690e@gregkh/
[2] http://kroah.com/log/blog/2018/02/05/linux-kernel-release-model/#security
Thorsten Leemhuis (acct. 1/4) /
npub1fz…emju7
2024-02-14 06:28:23
in reply to nevent1q…ymc9
Author Public Key
npub1fzflkuaynm4r0fgzxpjky4t3266gm8es3cw34xtmlczwa3wt70us6emju7Published at
2024-02-14 06:28:23Event JSON
{
"id": "c9a82fb0a3c763170b68df553379b0ec757b986b9ac8c7cbc4c2a198b2657fb9",
"pubkey": "4893fb73a49eea37a502306562557156b48d9f308e1d1a997bfe04eec5cbf3f9",
"created_at": 1707888503,
"kind": 1,
"tags": [
[
"p",
"ba73f1676e1b0c60b7c002471dc7bedb2b3da4a46c9b34d8f1fcb42e5da0dff7",
"wss://relay.mostr.pub"
],
[
"e",
"fc36739f82412264e9865591763c101d7055ff61f625765d1097b8df7ecab9ec",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://fosstodon.org/users/kernellogger/statuses/111928180959151440",
"activitypub"
]
],
"content": "nostr:npub1hfelzemwrvxxpd7qqfr3m3a7mv4nmf9ydjdnfk83lj6zuhdqmlmsgkk5ww \n\nWill be interesting to see how the new process[1] plays together with \"participation in stable is optional for mainline developers\" and the \"developers almost never declare specific changes as security fixes\"[2] approach I assume still holds true for mainline.\n\nI sounds like it could easily happen that someone fixes a security bug in mainline w/o telling anybody, so no CVE would be issued unless someone backports the change.\n\n[1] https://lore.kernel.org/lkml/2024021314-unwelcome-shrill-690e@gregkh/\n\n[2] http://kroah.com/log/blog/2018/02/05/linux-kernel-release-model/#security",
"sig": "3dbfe87ee1df92059c6fd25d747c1d2344a6599c67e0db826991259d145290d17c563c5156c01b6177b8cfe958a27aa142bfdbee839a0b1473679bc20d074003"
}