Report any bugs you think you may have found because you are working with the latest and greatest drivers! If your bug is backport compatibility-related then we should still try to fix it within the compatibility layer. If you are not sure you can let us help you. To date we have only have identified 2 backport related bugs, all other reported bugs were real bugs in actual upstream code!
We are working on a bugzilla entry for compat / compat-drivers, until then please report all bugs you think you my have found to the backports mailing list and if you know what subsystem you think the bug belongs to Cc: the respective mailing list. Remember that chances are high that the bug is not a backport bug but instead a real upstream bug that must be fixed.
What mailing lists to report bugs to
Always use: email@example.com and then use one of the following mailing lists depending on the subsystem from where your driver belongs:
* bluetooth: firstname.lastname@example.org * wireless: email@example.com * ethernet: firstname.lastname@example.org
Reporting security vulnerabilities
If you have a security vulnerabilities issue to report and you know it is backports related you can report this directly to the maintainers:
* email@example.com, firstname.lastname@example.org, email@example.com
The report will be handled in private, once the issue is fixed and propagated to users, the security fix will be disclosed and documented. As of date we have had no security vulnerabilities issues reported. Until then this page can be used to track updates on vulnerabilities related to Linux backports. The attack surface to Linux backports consists about 1-2% of code, this varies depending on what kernel you are on. The older kernel you are on the higher the security risk. Security issues on Linux should affect users of Linux backports if the code is carried over into backports, fixes for that are addressed through new release of backports with the corresponding upstream fixes. Security fixes for Linux belong upstream on Linux, not on Linux backports. To learn how to report Linux kernel security issues refer to SecurityBugs documentation.
The Linux kernel bugzilla has an entry for backport bugs.
Reporting new backport bugs
To record a new bug:
- access the Backports project section of Bugzilla
- select the backports component (it is the only component available)
Viewing bugs by status
- This text is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.