-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Luca Barbato wrote:
> Here is a list of interesting questions: "Are we fine?" "What are we
> going to do?"
>
> Please project leaders try to reply in short.
>

Ok, technically I'm not security lead, but since rbu and I have almost
completely handled the security team for the past 2 months, I think I can at
least give my opinions on what's going on.

> About the stuff I'm involved:
>
> Are we fine?

security:
Well, with an average of ~1 GLSA/day for November and December, things
are going a little bit better than some months ago. We still have too
many open bugs (~115), but we tend to be a little more reactive since we
now actively monitor the vendor-security mailing list plus the freshly
attributed CVE ids, so we're able to file bugs and get them corrected
before they go public. This also means arches security liaisons should
be prepared to get called more often from now on.

>
> What are we going to do:
>

Personally, I'd like us to become more regular with the GLSA releases,
instead of doing nothing for days then rushing to send 10 GLSAs in 2 days.
I'd also like to take care of the really old bugs, say, opened for at
least 6 months (~25 at the moment).
Don't know if we'll manage to do it, but at least we'll try.

This was a (very) short reply, sec team members are of course
welcome to complete it.

- --
Pierre-Yves Rofes
Gentoo Linux Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHhVS1uhJ+ozIKI5gRAqbnAJ9URJQ2fMFdjrpaER1dKF+ws4VDQQCdHZ98
2rCq9l3JGrxfSXZNttN40ok=
=5N0K
-----END PGP SIGNATURE-----
--
gentoo-dev@l.g.o mailing list