Re: [Legacy] Mentoring for vulnerability bug tracking -- kernel, and general

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2006-06-02 at 02:41 -0500, David Eisenstein wrote:

> A more general question is this:  How do we in Fedora Legacy track 
> vulnerabilities and make sure that we are aware of all the relevant 
> vulnerabilities for the packages that we maintain, and haven't missed 
> something?
> 
> The fedora-security-list and Josh Bressers are using audit files to track 
> all relevant security vulnerabilities for their sets of packages, which 
> are kept in CVS here,
>   <http://cvs.fedora.redhat.com/viewcvs/fedora-security/audit/?root=fedora>
> 
> but we here in Fedora Legacy haven't started using this kind of tool yet.
> Is it time for us to start doing so?  If so, are any of you interested in
> forming some kind of vulnerability tracking team and getting started on
> such list(s) for the products we maintain?

It seems to me that whatever system used by the Fedora Security Team
should be adopted by Fedora Legacy after discussion with the relevant
contributors.

Rahul


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux