Gentoo Archives: gentoo-dev

From: Thierry Carrez <koon@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Security status update
Date: Wed, 15 Jun 2005 08:39:48
1 Here is the status update for the Security team, wrt 2005 objectives.
3 - Recruit new team members
5 We should have two new GLSA coordinators (on probation) as soon as the
6 recruitment freeze is over. The objective for the rest of the year is to
7 recruit more people in US/Pacific TZ to ensure a constant watch (most
8 current GLSA coordinators are Europe-based).
10 - Put new procedures in place to ensure kernel security
12 This joint venture with the kernel team is quite advanced now. The
13 kernel security subproject has been created and the Kernel Interactive
14 Security Status system (KISS) is in beta phase.
16 - Improve auditing
18 The addition of Tavis Ormandy and Rob Holland to the auditors team was
19 very beneficial, and the number of vulnerabilities found by the Gentoo
20 Security Audit team now competes with the top other distribution audit
21 teams (Debian, RedHat, SuSE).
23 - Get official CVE compatibility
25 We completed the first steps towards that goal.
27 --
28 Thierry Carrez (Koon)
29 Operational Manager, Gentoo Linux Security
30 --
31 gentoo-dev@g.o mailing list