On Wed, Jan 3, 2018 at 4:21 PM, Stroller <strol...@stellar.eclipse.co.uk> wrote: > > If the kernel devs cared to announce when they were patching exploits then we > could take each > one under consideration individually. But the kernel devs are secretive about > kernel exploits, because > they know there are literally millions of systems out there on the internet > with kernels months and years old. >
I'm skeptical of that claim. I think it is more that they don't want to try to track which commits are associated with CVEs. I believe they've said as much publicly. They're not particularly secretive about exploits except when they're under embargo (such as at the present moment). -- Rich