Fedora Extras Security Response Team

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello everybody.

In case you didn't see, there was a post by Thorsten Leemhuis to the
fedora-extras list regarding the creation of a Fedora Extras security
response team.  The message can be seen here:
https://www.redhat.com/archives/fedora-extras-list/2006-April/msg01650.html

Here are the people I know have an interest in helping out with the
security response team:

Hans de Goede
Jason L Tibbitts III
Dennis Gilmore
Jochen Schmitt
Ville Skyttä
Michael J Knox

If you're interested, feel free to chime in.

Right now I have a pretty good idea of what's needed to get this project
off the ground.  We have a mailing list (which would be step one).

I need to fix up some CVS space for things like tools and tracking text
files.  This repository is here:
http://cvs.fedora.redhat.com/viewcvs/fedora-security/?root=fedora

We will need a package manifest.  Basically a file that tells us which
packages and versions we're currently shipping in extras.  A tool to
generate this will also be needed since we'll want to update this file on a
regular basis.  Given how fast Extras changes I think this will be the
easiest way to check if we currently ship package <foo>.

An errata template is needed.  I'm thinking we should copy the current
Fedora Core template for now.  We can mangle it as we see fit at a later
date.

Process needs to be documented on the fedoraproject wiki.  Since we don't
currently have a process, this is the only thing done :)
The most important part of this will be making it easy to specify what we
expect of ourselves.  I hope to have some time this weekend to clean up the
security wiki pages a bit.

I think this is enough for now.  Questions, Comments?

-- 
    JB


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux