| 1 |
On Friday 26 August 2011 14:18:20 Daniel A. Avelino wrote: |
| 2 |
> Alex. |
| 3 |
> |
| 4 |
> May be a call for volunteers more "intense" could improve the manpower. This |
| 5 |
> could be a more |
| 6 |
> easy start point to address, no?. |
| 7 |
|
| 8 |
Well, the staffing needs page IS the point for making such calls. It's not |
| 9 |
that we haven't had people contacting us about helping, it's that they usually |
| 10 |
disappear shortly after that again after they've seen the tasks at hand. |
| 11 |
|
| 12 |
> I work too in some [smaller] security processes and can figure out what kind |
| 13 |
> of work are you talking about. |
| 14 |
> |
| 15 |
> As Kauhaus pointed, may be somethings should be automated but again, this is |
| 16 |
> a hard job to |
| 17 |
> implement and to keep results trustable. |
| 18 |
> |
| 19 |
|
| 20 |
Automation is a key thing I've been introducing in the new tools and processes |
| 21 |
for sending advisories. |
| 22 |
I'd rather not focus on a temporary automated system however, knowing that |
| 23 |
we're about to get back to the/near the status quo. |
| 24 |
|
| 25 |
> I'd started following this list recently and yet does not know how |
| 26 |
> work fluxes are performed here but, may be, this could be a good place to |
| 27 |
> start a review of GLSA processes, what |
| 28 |
> do you think about this? |
| 29 |
|
| 30 |
You can find the relevant info on our websites [1] |
| 31 |
|
| 32 |
The thing is, the basic idea cannot be changed. We will always have a flow |
| 33 |
issue -> bug -> fix -> stabling -> advisory. |
| 34 |
|
| 35 |
Specifically, the current goal is, to have the advisory drafting starting |
| 36 |
earlier and using the information we've already entered into our bugzilla and |
| 37 |
CVE tracker in a much more integrated way. It's a bit hard to explain, you'd |
| 38 |
best see for yourself (by joining us of course! ;)). |
| 39 |
|
| 40 |
Alex |
| 41 |
|
| 42 |
[1] http://www.gentoo.org/proj/en/security/ |
| 43 |
|
| 44 |
-- |
| 45 |
Alex Legler <a3li@g.o> |
| 46 |
Gentoo Security / Ruby |
Archives