Yocto, Kernel and OpenBMC security maintenance

Andrew Jeffery andrew at aj.id.au
Mon Nov 13 16:37:48 AEDT 2017


On Tue, 2017-11-07 at 15:56 +1030, Joel Stanley wrote:
> On today's community call we chatted about security updates for the
> project. Nancy pointed out that there are tools in the tree that are many
> versions out of date and have security fixes available, but not
> applied to our tree.
> 
> To date there has been no focused effort on ensuring known
> vulnerabilities are patched, whether this be backporting patches or
> updating to newer releases. I suggested we focus on ensuring the
> OpenBMC tree, as the upstream for our products, is where security
> fixes are applied.

For what it's worth there's some discussion of upgrading to Yocto 2.3
and what we might do to better track master on the issue tracker:

https://github.com/openbmc/openbmc/issues/2461

I agree we need to improve how we track things such as security patches
that go into upstream.

Andrew