Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170926065556.irjryveao6xcjmds@perpetual.pseudorandom.co.uk>
Date: Tue, 26 Sep 2017 07:55:56 +0100
From: Simon McVittie <smcv@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: Linux kernel CVEs not mentioned on oss-security

On Mon, 25 Sep 2017 at 21:50:59 +0000, Priedhorsky, Reid wrote:
> 2. Is there another source of comprehensive coverage of vulnerabilities
> in the Linux kernel, including but not necessarily limited to all CVEs
> issued for it?

https://security-tracker.debian.org/tracker/source-package/linux is
probably not comprehensive either, but should include all the
non-embargoed CVEs and other vulnerabilities that the Debian security team
is aware of, including vulnerabilities that were assessed as too minor
to justify a Debian security advisory.

(The same works for any other Debian source package, e.g.
https://security-tracker.debian.org/tracker/source-package/ioquake3 is
a less extreme case.)

Regards,
    smcv

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.