[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposal/suggestion for security team w.r.t. published vulerabilities

Hash: SHA1

On Sunday 18 July 2004 23:11, Matt Zimmerman wrote:
> As you have repeatedly confirmed, the security team is very busy.


Is there anything I can do to help? I am a security engineer, but not a 
programmer. Let me know what you need done.

> Generally, if an issue doesn't affect stable, I don't track it at all.
> If an issue does affect stable, then when I release an advisory, I check
> the package in unstable and file a bug if necessary.
> Some people help track bugs in unstable by watching for new vulnerabilities
> in public databases, verifying whether the bug is present in unstable, and
> filing a bug if so.  It would be great if you would help with these
> efforts. You do not need any authorization or information from the security
> team in order to do so.
> --
>  - mdz

- -- 
- --Brad
Bradley M. Alexander                |
SysAdmin, Security Engineer    |   storm [at] tux.org
Debian/GNU Linux Developer          |   storm [at] debian.org
Key fingerprints:
DSA 0x54434E65: 37F6 BCA6 621D 920C E02E  E3C8 73B2 C019 5443 4E65
RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A  C8 9C F0 93 75 A0 01 34
In the ongoing battle between objects made of aluminum going
hundreds of miles per hour and the ground going zero miles per hour,
the ground has yet to lose.
					--Rules of the Air, #19
Version: GnuPG v1.2.4 (GNU/Linux)


Reply to: