Re: Why does it take so long for new (gimp, kernels, openoffice) packages to reach the stable repo ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rick Stevens <ricks <at> nerd.com> writes:
> I'm aware of that, but the people who do the penetration testing squawk
> anything that's less than 0.9.8h.  Technically it's a false positive,
> but it is still in the reports and we have to prove that it's a false
> positive each time.  I know what the vulnerabilities are and I've had
> discussions with the pentest people, but they won't budge.

Show them my message, show it to their superiors. It is completely wrong to 
flag tools as "vulnerable" just by looking at the version, the penetration 
testing team is not doing their job! They're supposed to actually try the 
exploits, not just check the versions.

        Kevin Kofler

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux