diff options
Diffstat (limited to 'kernsecbugz.txt')
-rw-r--r-- | kernsecbugz.txt | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/kernsecbugz.txt b/kernsecbugz.txt new file mode 100644 index 0000000..467b01b --- /dev/null +++ b/kernsecbugz.txt @@ -0,0 +1,55 @@ +Bugzilla Kernel Version specification + +The whiteboard field on the bug should be used to specify the vulnerable +versions of all kernel sources for this bug. A bug can affect a package in three +ways (and can therefore be fixed in three ways): + (1) by affecting the kernel.org release ("linux"), + (2) by affecting a certian set of Gentoo Patchsets ("gp") + (3) by affecting a specific set of Gentoo kernel sources ("*-sources"). + +The priorities of these levels override each other with 3 having the highest +priority (2 second and 1 lowest) Note that priority does not mean severity of +the bug. Rather, the priority level is a scale of generality with 1 having the +highest generality. A whiteboard entry of the type [linux] affects all kernels +based off that version until a higher priority entry is added. + +Higher levels (2, 3) should normally only mark unaffected versions that are +affected in lower levels. To override this and expand the "affected" interval +over the boundaries giving by lower levels, version specifiers should be +prefixed with a "+". + +Intervals specify the affected versions and can, for each level, be specified +open (with upper or lower boundary only), or closed, either inclusive or not. +Spaces are discarded. + +The order in which interval are specified is irrelevant. + +Examples: + [linux > 2.6] -- means all Linux releases since 2.6 are affected + [linux < 2.6.24.3] -- means all Linux versions prior to 2.6.24.3 are affected. + [linux >= 2.6.24 < 2.6.24.3] -- means all Linux versions greater than, and + including, 2.6.24, except if they are equal or greater than .3 + + +Complex examples: + [linux >= 2.6.18 < 2.6.24.3] [gp < 2.6.23-8] + This means: affected is every kernel based on a linux release higher/equal than + 2.6.18, but not those based on 2.6.24.3 or later. Kernels using a genpatches + version 2.6.23-8 or later are also not affected. 2.6.17 or earlier kernels + using genpatches are not affected. + + [linux >= 2.6.18 < 2.6.24.3] [gp +< 2.6.23-8] + Same as before, except even 2.6.17 and earlier genpatched kernerls are also + affected (because of the +). + + [linux >= 2.6.18 < 2.6.24.3] [gp >= 2.6.15 +<= 2.6.23-8] + Similar to the previous example, except kernels using genpatches are + affected from versions 2.6.15 (inclusive) up to 2.6.23-8 (inclusive). + + [linux >= 2.6.18] [gp >= 2.6.23 < 2.6.23-8] [gp < 2.6.22-10] + All Linuxes since 2.6.18, unaffected are all Genpatched kernels between + 2.6.22-10 and (not including) 2.6.23, plus those after 2.6.23-8. + + [linux >= 2.6.18 < 2.6.24.3] [gp < 2.6.23-8] [xen < 2.6.18-r9] [xen >= 2.6.19] + Same as the first example, except the 2.6.18 series of xen-kernels was fixed in 2.6.18-r9. + |