Gentoo Archives: gentoo-security

From: Alex Legler <a3li@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] No GLSA since January?!?
Date: Fri, 26 Aug 2011 18:46:35
Message-Id: 4785038.vCXUPsJWHB@neon
In Reply to: Re: [gentoo-security] No GLSA since January?!? by "Daniel A. Avelino"
On Friday 26 August 2011 15:22:40 Daniel A. Avelino wrote:
> > When I think about automation, I had in mind something that could help > > developers to find > vulnerabilities in a more fast way [searching and confronting CVE, for > example] and start a > "call for solution" process. I work with solutions of this type for WEB > vulnerabilities discover > and some tools are very interesting to reduce the correction time. >
We already use CVE as one of our sources of vulnerability intelligence. Finding issues is also not the real issue here. Also, actual issue correction is not our job, it's the responsibility of the package maintainer. Can you share details about the utilities you are using? Alex -- Alex Legler <a3li@g.o> Gentoo Security / Ruby

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-security] No GLSA since January?!? "Daniel A. Avelino" <daavelino@×××××.com>