> At the same time, though, I think we need to take immediate action.
> Among the first steps would be the analysis of the status quo. I am
> going through the list of CVEs right now. There are *loads*. And
> I could need help. I'll ping out to joeyh to see if we could put his
> scripts for testing-security to any use.
Ah, thanks to the testing-security team:
http://newraff.debian.org/~joeyh/demo.html
This list is about testing, but joeyh is adding
http://newraff.debian.org/~joeyh/stable-security.html
right now.
Anyway, note that the situation seems to be under control already
and an announcement is under preparation. Therefore I apologise for
coming across a little hectical in my post.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer and author: http://debianbook.info
`. `'`
`- Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
"when faced with a new problem, the wise algorithmist
will first attempt to classify it as np-complete.
this will avoid many tears and tantrums as
algorithm after algorithm fails."
-- g. niruta
Attachment:
signature.asc
Description: Digital signature