> I'm sorry, but you claim to be doing the work of travelling the patches
some commits, yes.
> and checking them for security relevance,
i mostly check them for interference with my work and that necessarily means that sometimes my eyes catch security relevant commits as well.
> and do not publish the results
i don't understand what is there to publish. aren't all bugs just bugs? what else do *you* want to know about them? you can't defend the coverup of security bugs and complain about their lack of disclosure at the same time. make up your mind ;). also you're welcome to follow spender's twitter stream, we often inform each other about suspicious commits and investigate together.
> while complaining others don't publish the very same data (which they arguably don't have at hand)?
i never complained about not disclosing security impact information they do not themselves have already. quote me back if you believe otherwise. what i did and still do complain about is when they *know* that a commit fixes a security bug but cover it up.
> I just can't imagine our esteemed editor refusing a volunteer column like the article we are talking about here.
it wasn't him (Jon) and it wasn't going to be part of LWN but rather a reply to -stable postings on lkml (spender went back and double checked the emails).