Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262833AbVAQSOc (ORCPT ); Mon, 17 Jan 2005 13:14:32 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262821AbVAQSMf (ORCPT ); Mon, 17 Jan 2005 13:12:35 -0500 Received: from rwcrmhc12.comcast.net ([216.148.227.85]:14585 "EHLO rwcrmhc12.comcast.net") by vger.kernel.org with ESMTP id S262825AbVAQSHj (ORCPT ); Mon, 17 Jan 2005 13:07:39 -0500 Message-ID: <41EBFEEE.9070006@comcast.net> Date: Mon, 17 Jan 2005 13:07:42 -0500 From: John Richard Moser User-Agent: Mozilla Thunderbird 1.0 (X11/20041211) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Diego Calleja CC: linux-kernel@vger.kernel.org Subject: Re: Linux Kernel Audit Project? References: <41EB6691.10905@comcast.net> <41EB6BD6.5070702@comcast.net> <20050117141150.7cce80c1.diegocg@gmail.com> In-Reply-To: <20050117141150.7cce80c1.diegocg@gmail.com> X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1877 Lines: 58 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Diego Calleja wrote: > El Mon, 17 Jan 2005 02:40:06 -0500 John Richard Moser escribi?: > > >>-----BEGIN PGP SIGNED MESSAGE----- >>Hash: SHA1 >> >>On the same line, I've been graphing Ubuntu Linux Security Notices for a >>while. I've noticed that in the last 5, the number of kernel-related >>vulnerabilities has doubled (3 more). This disturbs me. > > > > Most of the latest (ie: 2004) serious kernel holes (if not all) have been > found by the isec.pl guys (http://www.isec.pl/vulnerabilities.html), specially > Paul Starzetz. While they're not a "auditing project", the effect they're > having is the same. > sweet. > > (By the way, secunia reports that 48% of the vulnerabilities reported for > the linux kernel are not patched http://secunia.com/product/2719/ . I guess > they can't notice when bugs are fixed but I hope there's not any open hole > left) There's probably open holes. Never assume there's not. > - > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ > - -- All content of all messages exchanged herein are left in the Public Domain, unless otherwise explicitly stated. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB6/7shDd4aOud5P8RAuMXAJ4rv2TMVALf7OD1omtXd9QrY4Qz3wCeO1Y3 MIjR3sUE2D4xWbXrkeMbOWE= =hmFl -----END PGP SIGNATURE----- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/