|
List Info
Thread: More manpower needed for Gentoo Kernel Security project
|
|
| More manpower needed for Gentoo Kernel
Security project |
 
United States |
2007-05-20 15:03:45 |
Anyone interested in contributing the Gentoo kernel security
project?
Basic roles here are to handle vulnerabilities (both minor
and major) in
the kernel. The issues come in from databases such as
cve.mitre.org,
usually with patches, and you have to coordinate those
patches flowing
into the portage tree.
The usual process is to have a bug on the Gentoo bugzilla
per security
report. Initially you get me to include the patch in
genpatches, then
you CC maintainers of all other affected kernels and pester
them until
they have fixed their kernel, either by including the newer
genpatches
or by adding the patch individually.
This isn't a terribly interesting task, but is important and
we're
behind on issue tracking here. The thing that will make it
interesting
is that after getting a grasp of how the system works, we
are looking
for someone to develop software to help us track the
security bugs and
help communicate that info to users (who typically want to
know when a
new kernel fixes a security issue, so that they can
upgrade). This
software would probably be web-based.
Anyone interested?
htt
p://www.gentoo.org/proj/en/security/kernel.xml
Thanks,
Daniel
--
gentoo-kernel gentoo.org mailing list
|
|
| Re: More manpower needed for Gentoo
Kernel Security project |
 
Germany |
2007-05-20 15:53:59 |
On Sunday 20 May 2007 22:03:45 Daniel Drake wrote:
> Anyone interested in contributing the Gentoo kernel
security project?
Once I stopped being a recruiter, I might have some more
time for
kernel(-security) related things ..
Regards,
Christian
--
Christian Heim <phreak at gentoo.org>
GPG key ID: 9A9F68E6
Fingerprint: AEC4 87B8 32B8 4922 B3A9 DF79 CAE3 556F 9A9F
68E6
|
|
| Re: More manpower needed for Gentoo
Kernel Security project |
 
France |
2007-05-21 05:03:23 |
On Sun, May 20, 2007 at 04:03:45PM -0400, Daniel Drake
wrote:
> Anyone interested in contributing the Gentoo kernel
security project?
Yes, I would like to be involve in such a project but what
are the
requirements for such a task?
> htt
p://www.gentoo.org/proj/en/security/kernel.xml
>
> Thanks,
> Daniel
> --
> gentoo-kernelgentoo.org mailing list
--
Charles Clément.
--
gentoo-kernelgentoo.org mailing list
|
|
| Re: More manpower needed for Gentoo
Kernel Security project |
|
2007-05-21 06:45:51 |
I'd love to help out. see you on IRC
On 21/05/07, Charles Clément <caratorngmail.com> wrote:
> On Sun, May 20, 2007 at 04:03:45PM -0400, Daniel Drake
wrote:
> > Anyone interested in contributing the Gentoo
kernel security project?
>
> Yes, I would like to be involve in such a project but
what are the
> requirements for such a task?
>
> > htt
p://www.gentoo.org/proj/en/security/kernel.xml
> >
> > Thanks,
> > Daniel
> > --
> > gentoo-kernelgentoo.org mailing list
>
> --
> Charles Clément.
> --
> gentoo-kernelgentoo.org mailing list
>
>
--
/**
* Gentoo Linux Developer
* GPG : 0x2217D168
*/
--
gentoo-kernelgentoo.org mailing list
|
|
| Re: More manpower needed for Gentoo
Kernel Security project |
|
2007-05-21 08:25:03 |
|
I can help
On 5/20/07, Daniel Drake < dsdgentoo.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">dsdgentoo.org
> wrote:Anyone interested in contributing the Gentoo kernel security project?
Basic roles here are to handle vulnerabilities (both minor and major) in
the kernel. The issues come in from databases such as
cve.mitre.org,
usually with patches, and you have to coordinate those patches flowing
into the portage tree.
The usual process is to have a bug on the Gentoo bugzilla per security
report. Initially you get me to include the patch in genpatches, then
you CC maintainers of all other affected kernels and pester them until
they have fixed their kernel, either by including the newer genpatches
or by adding the patch individually.
This isn't a terribly interesting task, but is important and we're
behind on issue tracking here. The thing that will make it interesting
is that after getting a grasp of how the system works, we are looking
for someone to develop software to help us track the security bugs and
help communicate that info to users (who typically want to know when a
new kernel fixes a security issue, so that they can upgrade). This
software would probably be web-based.
Anyone interested?
http://www.gentoo.org/proj/en/security/kernel.xml
Thanks,
Daniel
--
gentoo-kernelgentoo.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">gentoo-kernelgentoo.org mailing list
--
Registered Linux User #392061
counter.li.org
--------
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
--------
Roses are Red
Violets are Blue
In Soviet Russia
Poem Writes YOU!
|
[1-5]
|
|
|
about | contact Other archives ( Real Estate discussion Medical topics )
|