Re: Libvirt Security Notices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 17, 2014 at 02:43:25PM +0000, Daniel P. Berrange wrote:
> Hi Folks,
> 
> After much work I've finally got a formal Libvirt Security Notice (LSN)
> setup worked out.
> 
> Every security issue that is reported & confirmed on the libvirt security
> mailing list will have a formal LSN prepared. This is a simple XML document
> containing metadata & other information about the issue we deem relevant.
> Initially this will be private if there is an embargo applied.
> 
> Once the issue is made public, will the LSN notices will be added to the
> following public GIT repository:
> 
>    http://libvirt.org/git/?p=libvirt-security-notice.git;a=summary
> 
> This GIT repository is used to populate a new public website
> 
>    http://security.libvirt.org/

 Hat off, very useful idea !!!
 
> Every issue is available in text, html and xml formats eg
> 
>   http://security.libvirt.org/2014/0002.txt
>   http://security.libvirt.org/2014/0002.html
>   http://security.libvirt.org/2014/0002.xml

 Nicely done !

> 
> If anyone backports a fix for a security issue to various -maint branches,
> the LSN notice in GIT should be updated with GIT hash of the backports. If
> a maint release is created, the tag should also be added to the LSN.
> 
> After countless hours investigation I have populated the repository with
> a list of all historical issues in libvirt that I'm aware of.

  Excellent work, really !

Daniel

-- 
Daniel Veillard      | Open Source and Standards, Red Hat
veillard@xxxxxxxxxx  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | virtualization library  http://libvirt.org/

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]