Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755552AbcDKTCH (ORCPT ); Mon, 11 Apr 2016 15:02:07 -0400 Received: from aserp1040.oracle.com ([141.146.126.69]:42808 "EHLO aserp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754315AbcDKTCD (ORCPT ); Mon, 11 Apr 2016 15:02:03 -0400 Subject: Re: [ANNOUNCE] linux-stable security tree To: Jeff Merkey References: <570BE4A5.20200@oracle.com> Cc: LKML , stable , lwn@lwn.net From: Sasha Levin Message-ID: <570BF4A5.2010808@oracle.com> Date: Mon, 11 Apr 2016 15:01:57 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Source-IP: userv0022.oracle.com [156.151.31.74] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1677 Lines: 53 On 04/11/2016 02:17 PM, Jeff Merkey wrote: > On 4/11/16, Sasha Levin wrote: >> Hi all, >> >> >> I'd like to announce the linux-stable security tree project. The purpose >> is to create a derivative tree from the regular stable tree that would >> contain only commits that fix security vulnerabilities. >> >> Quite a few users of the stable trees pointed out that on complex >> deployments, >> where validation is non-trivial, there is little incentive to follow the >> stable tree after the product has been deployed to production. There is no >> interest in "random" kernel fixes and the only requirements are to keep up >> with security vulnerabilities. >> >> Given this, a few projects preferred to delay important kernel updates, and >> a few even stopped updating the tree altogether, exposing them to critical >> vulnerabilities. >> >> This project provides an easy way to receive only important security >> commits, >> which are usually only a few in each release, and makes it easy to >> incorporate >> them into existing projects. >> >> The tree is available at: >> >> https://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable-security.git/ >> >> Support is provided for all active -stable trees >> (https://www.kernel.org/category/releases.html). >> Branches/tags for unsupported versions of >=3.0 kernels were also generated >> for reference. >> >> >> Thanks, >> Sasha >> >> >> > > Hi Sasha, > > Can you push a copy of this tree to github like Linus has done with > torvalds/linux so folks who want to develop on it can fork it from > there. Sure! Now pushed to https://github.com/sashalevin/linux-stable-security Thanks, Sasha