Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://fosstodon.org/users/kees/statuses/111998710835363296">Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 28-Feb-2024 03:24:34 JST</a><a href="https://fosstodon.org/@kees" title="kees@fosstodon.org"><img src="https://gnusocial.jp/avatar/107149-48-20230725231521.webp" width="48" height="48" alt="Kees Cook :tux:" style="position: absolute; left: 0; top: 0;">Kees Cook :tux:</a><div><a href="https://mastodon.social/@vegard/111998686739212622" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/76797" title="vathpela@better.boston">Farce Majeure</a></li><li><a href="https://gnusocial.jp/user/101452" title="gregkh@social.kernel.org">Greg K-H</a></li><li><a href="https://gnusocial.jp/user/106037" title="kurtseifried@infosec.exchange">kurtseifried (he/him)</a></li></ul></div></section><article><p><a href="https://mastodon.social/@vegard">@vegard</a> <a href="https://infosec.exchange/@kurtseifried">@kurtseifried</a> <a href="https://better.boston/@vathpela">@vathpela</a> <a href="https://social.kernel.org/users/gregkh">@gregkh</a> That is exactly right!</p><p>I remain impressed that the Ubuntu security team (and kernel team) do severity analysis (with respect to the distro), and usually flaw introduction commit analysis, for each kernel CVE. It's already lot of work, so I'm curious how they will adapt to the higher rate of CVE assignments now.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2768129#notice-5487712">In conversation</a><time datetime="2024-02-28T03:24:34+09:00" title="Wednesday, 28-Feb-2024 03:24:34 JST">about a year ago</time> <span>from <span><a href="https://fosstodon.org/@kees/111998710835363296" rel="external" title="Sent from fosstodon.org via ActivityPub">fosstodon.org</a></span></span><a href="https://fosstodon.org/@kees/111998710835363296">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 28-Feb-2024 03:24:34 JSTKees Cook :tux:
in reply to
@vegard @kurtseifried @vathpela @gregkh That is exactly right!
I remain impressed that the Ubuntu security team (and kernel team) do severity analysis (with respect to the distro), and usually flaw introduction commit analysis, for each kernel CVE. It's already lot of work, so I'm curious how they will adapt to the higher rate of CVE assignments now.
In conversationabout a year ago from fosstodon.orgpermalink

Public

Embed Notice

HTML Code

Corresponding Notice