Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Ned Ludd <solar@g.o>
Subject: Security Updates And Announcements
Date: 17 Jan 2004 01:04:22 -0500
- Security Updates And Announcements -

Security problems should be reported via bugzilla and assigned to
security@gentoo (this is a must)

As it stands right now our security updates have undergone alot of
changes in the last few months and there are still some quarks to work
out. The general idea we are aiming for is GLSA's in xml format. This
allows us to display the GLSA's on-line as well as have portage take
advantage of those GLSA's for the upcoming "emerge --security" feature.

GLSA's are sent primarily to 3 places full-disclosure, bugtraq,
gentoo-announce@g.o. At one time they went to this list here but for
what ever reason some people started complaining about getting a GLSA
from more than one list. Honestly I think those people should get over
it and GLSA's be sent to this list again or perhaps a
gentoo-security-announce@ would be a better place.


Anyway as you all know Gentoo is a community driven effort and we only
can only take care of the tasks we have time for. A lot of our 
developers have other lives so and dont always have time to sit around 
writing up a GLSA. So the simple solution to this would be to recruit  
more people to help out in this area, however technical writers with a
clue are a rare commodity.  So I'd like to open up a slot or two for a  
few people from this list that may be willing to help out in this dept.
If you think you have what it takes please drop a mail to solar@gentoo
and CC: security@gentoo . We also need more people actually reporting 
security problems and solutions to bugzilla so that something can be
done about them.

Currently we are also exploring the idea of user contributed GLSA's.
Tim Yamin <plasmaroo@gentoo> wants people to test the GLSAMaker at
http://dev.gentoo.org/~plasmaroo/glsa-test and complain to him if it
doesn't work.

And for you irc junkies you can find most of the sec team on
irc.gentoo.org #gentoo-security

Hope this has been somewhat enlightening.

-peace

Ned Ludd <solar@g.o>
Gentoo Linux Developer
Attachment:
signature.asc (This is a digitally signed message part)
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Security Updates
Next by thread:
LSA list
Previous by date:
Re: Security Updates
Next by date:
LSA list


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.