1 |
On Friday 26 August 2011 15:22:40 Daniel A. Avelino wrote: |
2 |
> > When I think about automation, I had in mind something that could help |
3 |
> |
4 |
> developers to find |
5 |
> vulnerabilities in a more fast way [searching and confronting CVE, for |
6 |
> example] and start a |
7 |
> "call for solution" process. I work with solutions of this type for WEB |
8 |
> vulnerabilities discover |
9 |
> and some tools are very interesting to reduce the correction time. |
10 |
> |
11 |
|
12 |
We already use CVE as one of our sources of vulnerability intelligence. |
13 |
Finding issues is also not the real issue here. |
14 |
Also, actual issue correction is not our job, it's the responsibility of the |
15 |
package maintainer. |
16 |
|
17 |
Can you share details about the utilities you are using? |
18 |
|
19 |
Alex |
20 |
|
21 |
-- |
22 |
Alex Legler <a3li@g.o> |
23 |
Gentoo Security / Ruby |