Linux

48287 readers

655 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Linux Kernel CVEs, What Has Caused So Many to Suddenly Show Up? - talk by Greg Kroah-Hartman (August 2024) (www.youtube.com)

submitted 2 months ago* (last edited 2 months ago) by cypherpunks@lemmy.ml to c/linux@lemmy.ml

7 comments fedilink hide all child comments

cross-posted from: https://lemmy.ml/post/20502769

here is the talk description, from its page on the schedule for KubeCon + CloudNativeCon + Open Source Summit China 2024 (which Linux Foundation somehow neglected to put in their youtube upload's description):

In Febuary the Linux kernel community took charge of issuing CVEs for any found vulnerability in their codebase. By doing this, they took away the ability for any random company to assign CVEs in order to make their engineering processes run smoother, and instead have set up a structure for everyone to participate equally.

This talk will go into how the Linux CVE team works, how CVEs are assigned, and how you can properly handle the huge number of new CVEs happening in a simple and secure way.

今年二月，Linux内核社区开始负责为其代码库中发现的任何漏洞发布CVE编号。通过这样做，他们剥夺了任何随机公司分配 CVE 的能力，以便使他们的工程流程更顺畅，取而代之的是建立了一个人人平等参与的结构。

本次演讲将介绍 Linux CVE 团队的工作方式，CVE 的分配过程，以及如何以简单且安全的方式妥善处理大量新出现的 CVE。

Here is a PDF of the slides from Greg's git repo for this talk.

top 7 comments

sorted by: hot top controversial new old

[–] pinganini@mstdn.social 3 points 2 months ago

@cypherpunks I know the dude from your profile picture

[–] thingsiplay@beehaw.org 3 points 2 months ago (1 children)

Because Rust is in the Kernel now. :-p just joking, I'm a Rust fan myself!

[–] 30p87@feddit.org 1 points 1 month ago (1 children)

The joke doesn't really make sense, Rust should only lower security problems. Except if C devs now try to use their old style of coding in Rust, with unsafe Rust.

[–] thingsiplay@beehaw.org 2 points 1 month ago (1 children)

That's the entire joke. It makes sense BTW. Just because Rust is in the Kernel, we blame it for the problems. Especially spicy, because it is meant to make it more secure. The opposite effect is here the joke. You may not find it funny, but it makes perfectly sense as a joke.

[–] 30p87@feddit.org 1 points 1 month ago (1 children)

As I genuinely hate Rust, jokes about hating Rust aren't jokes for me lol

[–] thingsiplay@beehaw.org 1 points 1 month ago

I have yet to find a joke everyone agrees on.^^ The perfect joke.

[–] 30p87@feddit.org 2 points 1 month ago

I'd just blame AI and call it a day.