Quoting Pekka Savola <pekkas@xxxxxxxxxx>: > At least http://www.fedoralegacy.org/about/security.php does not > describe this at all. Updated the page slightly as concerns verifying packages. > >> 2. Verify the integrity of the downloaded package (see > >> http://www.fedoralegacy.org/about/security.php). Updated link wording slightly. > >> There should also be more documentation at least on following: > >> 1) documenting new vulnerabilities (I think Jesse has mostly been > >> doing this) -- in bugzilla? I've added a link to the "Participate" page to a new wiki page about Vulnerability Tracking. It isn't much, but it is a start. > What kind of information do you need to put in the report? How do you > articulate the subject, what other special keywords you put there, > etc.? Hmm. I don't have much of a clue. Most of what I know is there in the wiki. If someone more familiar with Bugzilla can add info about how to create a Bugzilla bug "correctly" as concerns the bugzilla structure, keywords, states, etc. then please help out and add details. Also, I've started a list of mailing lists and web sites there, but I'm sure others have additional sites they can add. Also, I've added a link to the wiki on the top header line, so it is now easier to get to the wiki from the web site. I think that is useful, but feedback is appreciated. -- Eric Rostetter -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
