Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: "Daniel A. Avelino" <daavelino@...>
Subject: Re: No GLSA since January?!?
Date: Fri, 26 Aug 2011 15:22:40 -0300
<br><br><div class="gmail_quote">On Fri, Aug 26, 2011 at 2:57 PM, Alex Legler <span dir="ltr">&lt;<a href="mailto:a3li@g.o">a3li@g.o</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On Friday 26 August 2011 14:18:20 Daniel A. Avelino wrote:<br>
&gt; Alex.<br>
&gt;<br>
&gt; May be a call for volunteers more &quot;intense&quot; could improve the manpower. This<br>
&gt; could be a more<br>
&gt; easy start point to address, no?.<br>
<br>
</div>Well, the staffing needs page IS the point for making such calls. It&#39;s not<br>
that we haven&#39;t had people contacting us about helping, it&#39;s that they usually<br>
disappear shortly after that again after they&#39;ve seen the tasks at hand.<br>
<div class="im"><br></div></blockquote><div>I know how it works!<br> <br></div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div class="im">

&gt; I work too in some [smaller] security processes and can figure out what kind<br>
&gt; of work are you talking about.<br>
&gt;<br>
&gt; As Kauhaus pointed, may be somethings should be automated but again, this is<br>
&gt; a hard job to<br>
&gt; implement and to keep results trustable.<br>
&gt;<br>
<br>
</div>Automation is a key thing I&#39;ve been introducing in the new tools and processes<br>
for sending advisories.<br>
I&#39;d rather not focus on a temporary automated system however, knowing that<br>
we&#39;re about to get back to the/near the status quo.<br>
<div class="im"><br></div></blockquote><div>When I think about automation, I had in mind something that could help developers to find<br>vulnerabilities in a more fast way [searching and confronting CVE, for example] and  start a <br>
&quot;call for solution&quot; process. I work with solutions of this type for WEB vulnerabilities discover<br>and some tools are very interesting to reduce the correction time.<br><br>By the way, I will start to read about what a Padawan should know instead of <br>
make speculations prematurelly. :D<br> <br></div>Thank you very much for the explanations.<br><br>Daniel A. Avelino<br></div>
Replies:
Re: No GLSA since January?!?
-- Alex Legler
References:
No GLSA since January?!?
-- Christian Kauhaus
Re: No GLSA since January?!?
-- JD Horelick
Re: No GLSA since January?!?
-- Daniel A. Avelino
Re: No GLSA since January?!?
-- Alex Legler
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: No GLSA since January?!?
Next by thread:
Re: No GLSA since January?!?
Previous by date:
Re: No GLSA since January?!?
Next by date:
Re: No GLSA since January?!?


Updated Oct 31, 2011

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.