| 1 |
On Fri, Mar 26, 2004 at 04:35:01PM +0100 or thereabouts, Tobias Weisserth wrote: |
| 2 |
> Bugzilla doesn't contain A LOT OF vulnerabilities that have been |
| 3 |
> reported to bugtraq and FD for example. I have been entering three from |
| 4 |
> bugtraq during the last four days alone. Browsing bugzilla is not a |
| 5 |
> solution. |
| 6 |
> |
| 7 |
> I will try to compile a weekly pending GLSA report for this list, |
| 8 |
> listing all vulnerabilities that have still to be solved. I'll be |
| 9 |
|
| 10 |
You are, of course, welcome to do this. Just to ensure everyone has the |
| 11 |
same expectations, however, the *only* resource the Gentoo security team |
| 12 |
will use for new security vulnerability reports is bugs.gentoo.org. So, |
| 13 |
while I encourage you to put together a weekly email/forums post if you so |
| 14 |
desire, I also encourage you to ensure all those vulnerabilities are also |
| 15 |
entered in bugzilla. Otherwise, they *are not* likely to be looked at by a |
| 16 |
Gentoo dev. |
| 17 |
|
| 18 |
--kurt |
Archives