Return-Path: <linux-kernel-owner+willy=40w.ods.org-S262833AbVAQSOc@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S262833AbVAQSOc (ORCPT <rfc822;willy@w.ods.org>);
	Mon, 17 Jan 2005 13:14:32 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262821AbVAQSMf
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Mon, 17 Jan 2005 13:12:35 -0500
Received: from rwcrmhc12.comcast.net ([216.148.227.85]:14585 "EHLO
	rwcrmhc12.comcast.net") by vger.kernel.org with ESMTP
	id S262825AbVAQSHj (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 17 Jan 2005 13:07:39 -0500
Message-ID: <41EBFEEE.9070006@comcast.net>
Date: Mon, 17 Jan 2005 13:07:42 -0500
From: John Richard Moser <nigelenki@comcast.net>
User-Agent: Mozilla Thunderbird 1.0 (X11/20041211)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Diego Calleja <diegocg@gmail.com>
CC: linux-kernel@vger.kernel.org
Subject: Re: Linux Kernel Audit Project?
References: <41EB6691.10905@comcast.net>	<41EB6BD6.5070702@comcast.net> <20050117141150.7cce80c1.diegocg@gmail.com>
In-Reply-To: <20050117141150.7cce80c1.diegocg@gmail.com>
X-Enigmail-Version: 0.89.5.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1877
Lines: 58

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Diego Calleja wrote:
> El Mon, 17 Jan 2005 02:40:06 -0500 John Richard Moser <nigelenki@comcast.net> escribi?:
> 
> 
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>On the same line, I've been graphing Ubuntu Linux Security Notices for a
>>while.  I've noticed that in the last 5, the number of kernel-related
>>vulnerabilities has doubled (3 more).  This disturbs me.
> 
> 
> 
> Most of the latest (ie: 2004) serious kernel holes (if not all) have been
> found by the isec.pl guys (http://www.isec.pl/vulnerabilities.html), specially
> Paul Starzetz. While they're not a "auditing project", the effect they're
> having is the same.
> 

sweet.

> 
> (By the way, secunia reports that 48% of the vulnerabilities reported for
> the linux kernel are not patched http://secunia.com/product/2719/ . I guess
> they can't notice when bugs are fixed but I hope there's not any open hole
> left)

There's probably open holes.  Never assume there's not.

> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB6/7shDd4aOud5P8RAuMXAJ4rv2TMVALf7OD1omtXd9QrY4Qz3wCeO1Y3
MIjR3sUE2D4xWbXrkeMbOWE=
=hmFl
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/