Re: Proposal/suggestion for security team w.r.t. published vulerabilities
-----BEGIN PGP SIGNED MESSAGE-----
On Sunday 18 July 2004 23:11, Matt Zimmerman wrote:
> As you have repeatedly confirmed, the security team is very busy.
Is there anything I can do to help? I am a security engineer, but not a
programmer. Let me know what you need done.
> Generally, if an issue doesn't affect stable, I don't track it at all.
> If an issue does affect stable, then when I release an advisory, I check
> the package in unstable and file a bug if necessary.
> Some people help track bugs in unstable by watching for new vulnerabilities
> in public databases, verifying whether the bug is present in unstable, and
> filing a bug if so. It would be great if you would help with these
> efforts. You do not need any authorization or information from the security
> team in order to do so.
> - mdz
Bradley M. Alexander |
SysAdmin, Security Engineer | storm [at] tux.org
Debian/GNU Linux Developer | storm [at] debian.org
DSA 0x54434E65: 37F6 BCA6 621D 920C E02E E3C8 73B2 C019 5443 4E65
RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A C8 9C F0 93 75 A0 01 34
In the ongoing battle between objects made of aluminum going
hundreds of miles per hour and the ground going zero miles per hour,
the ground has yet to lose.
--Rules of the Air, #19
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----