On Thu, 30 Aug 2007 11:55:56 +0200 Lubomir Kundrak <lkundrak@xxxxxxxxxx> wrote: > Hi Kevin, > > On Wed, 2007-08-29 at 13:44 -0600, Kevin Fenzi wrote: > > Would it be possible and/or advisable for us to add some audit files > > for epel? > > > > EPEL has quite a few less packages than Fedora does, but we still > > need a way to track security issues, etc. If they are all in the > > same place then we can update them at the same time that Fedora > > releases audit files are updated. > > > > Thoughts? Concerns? > > Shall I just make them? > > I still have no idea about how is EPEL securit ygoing to be handled. > If it is going to be the same way as Fedora, please do add the audit > files, and also generate manifests for epel. Well, It needs to be handled some way. I think adding it into the same framework as we use for Fedora is the best way to go now. I will go ahead and look at making audit and manifest files for epel this weekend perhaps and try an inital pass at checking packages against the audit. Unless someone comes up with a better idea before then. ;) kevin
Attachment:
signature.asc
Description: PGP signature
-- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
