From: "Daniel A. Avelino" <daavelino@gmail.com>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] No GLSA since January?!?
Date: Fri, 26 Aug 2011 15:22:40 -0300 [thread overview]
Message-ID: <CAKdB2xGRm6XK4cNCF9+=s2hYRsTy=nE_8aX1_XRMsXDCbFWO7g@mail.gmail.com> (raw)
In-Reply-To: <7389624.KK35qxi7RL@neon>
[-- Attachment #1: Type: text/plain, Size: 1592 bytes --]
On Fri, Aug 26, 2011 at 2:57 PM, Alex Legler <a3li@gentoo.org> wrote:
> On Friday 26 August 2011 14:18:20 Daniel A. Avelino wrote:
> > Alex.
> >
> > May be a call for volunteers more "intense" could improve the manpower.
> This
> > could be a more
> > easy start point to address, no?.
>
> Well, the staffing needs page IS the point for making such calls. It's not
> that we haven't had people contacting us about helping, it's that they
> usually
> disappear shortly after that again after they've seen the tasks at hand.
>
> I know how it works!
> > I work too in some [smaller] security processes and can figure out what
> kind
> > of work are you talking about.
> >
> > As Kauhaus pointed, may be somethings should be automated but again, this
> is
> > a hard job to
> > implement and to keep results trustable.
> >
>
> Automation is a key thing I've been introducing in the new tools and
> processes
> for sending advisories.
> I'd rather not focus on a temporary automated system however, knowing that
> we're about to get back to the/near the status quo.
>
> When I think about automation, I had in mind something that could help
developers to find
vulnerabilities in a more fast way [searching and confronting CVE, for
example] and start a
"call for solution" process. I work with solutions of this type for WEB
vulnerabilities discover
and some tools are very interesting to reduce the correction time.
By the way, I will start to read about what a Padawan should know instead of
make speculations prematurelly. :D
Thank you very much for the explanations.
Daniel A. Avelino
[-- Attachment #2: Type: text/html, Size: 2262 bytes --]
next prev parent reply other threads:[~2011-08-26 18:23 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-26 16:12 [gentoo-security] No GLSA since January?!? Christian Kauhaus
2011-08-26 16:43 ` Christoph Jasinski
2011-08-26 16:57 ` JD Horelick
2011-08-26 17:18 ` Daniel A. Avelino
2011-08-26 17:57 ` Alex Legler
2011-08-26 18:22 ` Daniel A. Avelino [this message]
2011-08-26 18:44 ` Alex Legler
2011-08-26 19:27 ` Daniel A. Avelino
2011-08-26 16:55 ` Alex Legler
2011-08-26 17:06 ` Christian Kauhaus
2011-08-26 18:00 ` Joost Roeleveld
2011-08-26 18:07 ` Alex Legler
2011-08-26 19:30 ` Joost Roeleveld
2011-08-26 18:08 ` Kevin Bryan
2011-08-26 18:40 ` Alex Legler
2011-08-26 20:02 ` Kevin Bryan
2011-08-26 20:40 ` Daniel A. Avelino
2011-08-26 22:27 ` Alex Legler
2011-08-26 23:38 ` Daniel A. Avelino
2011-08-26 18:41 ` Daniel A. Avelino
2011-08-27 8:49 ` Christian Kauhaus
2011-08-27 12:13 ` Rich Freeman
2011-08-27 12:34 ` Tobias Heinlein
2011-08-27 13:06 ` Rich Freeman
2011-08-27 13:34 ` Tobias Heinlein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKdB2xGRm6XK4cNCF9+=s2hYRsTy=nE_8aX1_XRMsXDCbFWO7g@mail.gmail.com' \
--to=daavelino@gmail.com \
--cc=gentoo-security@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox