On Mon, Jun 27, 2005 at 06:44:06PM -0400, Michael Stone wrote: > On Tue, Jun 28, 2005 at 12:00:28AM +0200, martin f krafft wrote: > >Do you guys see this as a de facto state with no solution, or is > >a good solution simply waiting to be found? > > The security secretaries were originally going to be part of the > solution, and there was talk from some people about writing a tracking > system that didn't materialize. Mostly I think it just needs > recognition that it's a problem that needs a solution. When I approached the security team last year I was told that there was indeed a tracking system, it just could not be made public because it mixed both publicly known vulnerabilities (i.e. those other's have released advisories on) and non-public vulns (i.e. those discussed in vendor-sec or reported privately). Regards Javier
Attachment:
signature.asc
Description: Digital signature