On Wed, 9 Mar 2005 12:25:06 +0100 Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote:
> Maybe you've seen it already, but the guys at Ubuntu have done a > light-weight analysis of the vulnerabilities they have been released since > "Warty" was released: https://www.ubuntulinux.org/wiki/USNAnalysis > > This analysis does not match the one on ICAT's database > (http://icat.nist.gov/icat.cfm?function=statistics) but probably is related > to the fact that a lot of tempfile races have been found and reported > recently by the Security Audit team. > > I would like somebody to do a similar analysis regarding Debian's > vulnerabilities (Ubuntu vulns are probably a subset of those affecting > woody). Has anyone enough spare time? Interesting, I like the idea and would take on the task. I'll contact you privately so we can coordinate. If other people express their interest as well, maybe we could set up a dedicated mailing list too. -doc
