Stable kernel 2.6.25.10

> Once again, if you have any comments, questions, or concerns about how I
> and the other kernel developers are handling the -stable updates and
> notifications, please do so on the linux-kernel mailing list and I will
> be very glad to discuss them there, in public.

so, i did just that yesterday. note that you might want to fix your spam filters because i
didn't see my mail show up in the archives nor did i get a bounce. but at least the
individuals on CC (yourself included) should have got it. for reference for others in case it
doesn't make it into the archives:

On 3 Jul 2008 at 11:57, Greg KH wrote:

> On Thu, Jul 03, 2008 at 10:29:14AM -0700, Greg KH wrote:
> Adding 2 more addresses to this thread, as they were said to have
> questions about this kernel release.

not only this one, but every commit for the past few years that fixed
bugs with security impact. for reference:

http://lwn.net/Articles/285438/
http://lwn.net/Articles/286263/
http://lwn.net/Articles/287339/
http://lwn.net/Articles/288473/

> Again, if the above information is somehow insufficient as to what
> exactly is fixed in the -stable releases, and anyone has questions about
> how these release announcements are created, please let me know.

what is the disclosure policy used for commits fixing bugs with security
impact (both vanilla and -stable, especially if there's a difference)?

what do you include/omit?

how does it relate to what is declared in Documentation/SecurityBugs?