Re: Coverity Open Source Defect Scan of Linux

[Greg KH]

On Sun, Mar 05, 2006 at 09:35:11PM -0800, Ben Chelf wrote:
>   Right now, we're guarding access to the actual defects that we report 
> for a couple of reasons: (1) We think that you, as developers of Linux, 
> should have the chance to look at the defects we find to patch them 
> before random other folks get to see what we found and (2) From a 
> support perspective, we want to make sure that we have the appropriate 
> time to engage with those who want to use the results to fix the code. 

If you feel these are security related, please contact
security@xxxxxxxxxx with the information (as is documented in the kernel
documentation).  If you do not feel they are security related, but just
normal bugs that don't really cause problems, feel free to just post the
information here on lkml, and cc: the maintainers of the affected areas
of code.

In other words, these should be treated like any other potential bug
report.  And I mean "potential", as your tool has had false positives in
the past :)

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/