Gentoo Archives: gentoo-security

From: Christian Kauhaus <kc@××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] No GLSA since January?!?
Date: Fri, 26 Aug 2011 17:08:14
In Reply to: Re: [gentoo-security] No GLSA since January?!? by Alex Legler
Am 26.08.2011 18:55, schrieb Alex Legler:
> Compared to other distributions, our advisories have been rather detailed with > lots of manually researched information. I'm not sure if we can keep up this > very high standard with the limited manpower, but we'll try our best.
I see the point. I think it would be an achievement over the current situation (which is: no current GLSAs at all) to send out less detailed GLSAs. Even something short as: "$PACKAGE has vulnerabilities, they are fixed in $VERSION, for details see $CVE" would be immensely helpful. Is the any viable way to get it at least to this point? Probably the largest part of such a task could be automated. This would lift the burden from the security maintainers. Regards Christian -- Dipl.-Inf. Christian Kauhaus <>< · kc@××××××.com · systems administration gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development


Subject Author
Re: [gentoo-security] No GLSA since January?!? Joost Roeleveld <joost@××××××××.org>
Re: [gentoo-security] No GLSA since January?!? Kevin Bryan <bryank@××××××.edu>