[yocto] Minutes: Yocto Project Technical Team Meeting - Tuesday, September 9, 2014 8:00 AM US Pacific Time
sona.sarmadi at enea.com
Wed Sep 24 04:44:27 PDT 2014
> As well as security fixes for the kernel, do you also cover security fixes for the
> userspace (i.e. everything else in oe-core)? Help keeping the rest of the
> system safe, and relevant fixes backported to the stable releases, is always
Yes, we monitor oss-security public mailing list, as soon a new vulnerability (CVE) in the Linux kernel or userspace is announced in that list, we try to catch them and backport all which are relevant. We look for other sources as well but oss-securiy (oss-security at lists.openwall.com) is a good source/mailing list/ to detect vulnerabilities in open source products (kernel & userspace).
More information about the yocto