Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies

To: Henri Salo <henri@nerv.fi>
Cc: debian-security@lists.debian.org, debian-devel@lists.debian.org
Subject: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 29 Sep 2012 22:31:42 +0200
Message-id: <[🔎] 20120929203142.GF20065@ulrik.uio.no>
In-reply-to: <[🔎] 20120929202243.GA12772@kludge.henri.nerv.fi>
References: <CA+ygN1LxTeSFSt45qDC2KLKbYUWTqPvrm5ZHvEjjoEkuDL4f5g@mail.gmail.com> <2fly5n2kps1.fsf@login1.uio.no> <[🔎] 20120929202243.GA12772@kludge.henri.nerv.fi>

[Henri Salo]
> Has there been any progress with this project? I am glad to help if
> there is something I can do? This is needed in my opinion.

You could try to run the scripts I created in the debian-security svn
repository, and see how they could be improved.  I have not had time
to work much on this issue for a long time, and this is unlikely to
change any time soon. :(

You can try to add CPE info to a few packages to test the proposal,
and see if it make tracking easier.

But first and foremost, you can try to figure out what need to be done
to move the idea forward, as I lack the time to do so myself. :(

If you want more direct feedback from me, we could meet on IRC to
exchange knowledge.  Otherwise, you can ask using email.

-- 
Happy hacking
Petter Reinholdtsen

Reply to:

References:
- Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
  - From: Henri Salo <henri@nerv.fi>

Prev by Date: Re: Debian not suitable for SSD due to apt/dpkg?
Next by Date: Re: Debian not suitable for SSD due to apt/dpkg?
Previous by thread: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
Next by thread: Debian not suitable for SSD due to apt/dpkg?
Index(es):
- Date
- Thread