Re: Analysis vulnerabilities associated to published security advisories, anyone?

To: debian-security@lists.debian.org
Subject: Re: Analysis vulnerabilities associated to published security advisories, anyone?
From: Davor Ocelic <docelic@mail.inet.hr>
Date: Wed, 9 Mar 2005 13:28:38 +0100
Message-id: <[🔎] 20050309132838.16c6af0d.docelic@mail.inet.hr>
In-reply-to: <[🔎] 20050309112505.GB31539@dat.etsit.upm.es>
References: <[🔎] 20050309112505.GB31539@dat.etsit.upm.es>

On Wed, 9 Mar 2005 12:25:06 +0100
Javier Fernández-Sanguino Peña <jfs@computer.org> wrote:

> Maybe you've seen it already, but the guys at Ubuntu have done a
> light-weight analysis of the vulnerabilities they have been released since
> "Warty" was released: https://www.ubuntulinux.org/wiki/USNAnalysis
> 
> This analysis does not match the one on ICAT's database
> (http://icat.nist.gov/icat.cfm?function=statistics) but probably is related
> to the fact that a lot of tempfile races have been found and reported
> recently by the Security Audit team.
> 
> I would like somebody to do a similar analysis regarding Debian's 
> vulnerabilities (Ubuntu vulns are probably a subset of those affecting 
> woody). Has anyone enough spare time?

Interesting, I like the idea and would take on the task.

I'll contact you privately so we can coordinate. If other people
express their interest as well, maybe we could set up a dedicated
mailing list too.

-doc

Reply to:

References:
- Analysis vulnerabilities associated to published security advisories, anyone?
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Analysis vulnerabilities associated to published security advisories, anyone?
Next by Date: Re: Analysis vulnerabilities associated to published security advisories, anyone?
Previous by thread: Analysis vulnerabilities associated to published security advisories, anyone?
Next by thread: Re: Analysis vulnerabilities associated to published security advisories, anyone?
Index(es):
- Date
- Thread