[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE tagged Linux kernel git repositories
From:       Eugene Teo <eugene () redhat ! com>
Date:       2010-11-25 14:04:23
Message-ID: 4CEE6CE7.6060308 () redhat ! com
[Download RAW message or body]

Hi,

I have published CVE tagged Linux kernel git repositories for 2.6, 
2.6.32.y and 2.6.36.y. They are tagged with all the security issues 
reported this year.

You can find them at http://git.kernel.org or
* 
http://git.kernel.org/?p=linux/kernel/git/eugeneteo/linux-2.6-cve-tagged.git;a=summary
* 
http://git.kernel.org/?p=linux/kernel/git/eugeneteo/linux-2.6.32.y-cve-tagged.git;a=summary
* 
http://git.kernel.org/?p=linux/kernel/git/eugeneteo/linux-2.6.36.y-cve-tagged.git;a=summary

You can see when the security issues were addressed:
http://git.kernel.org/?p=linux/kernel/git/eugeneteo/linux-2.6-cve-tagged.git;a=tags

You can also search for security fixes by CVE names, e.g. CVE-2010-2943:
http://git.kernel.org/?p=linux/kernel/git/eugeneteo/linux-2.6-cve-tagged.git;a=shortlog;h=refs/tags/CVE-2010-2943

In this example, you will notice that there are two tags of the same CVE 
name, CVE-2010-2943 and CVE-2010-2943.05. That means that there are five 
patches for this CVE name, and you can access them via CVE-2010-2943.01 
to .05.

Hope this is useful!

Thanks, Eugene
[prev in list] [next in list] [prev in thread] [next in thread]