Thank you for getting back to me, Tomas, I’ll continue looking into their available options for the ask – for reference, I was looking for something similar to Ubuntu’s Cononcial service, where cases can be created for tracking.
Best, Julius Ross Security Engineer - Vulnerability Management | NY julir...@cisco.com<mailto:julir...@cisco.com> | M: 917.780.9334 [signature_3011522949] From: to...@tuxteam.de <to...@tuxteam.de> Date: Wednesday, August 2, 2023 at 12:40 AM To: Julius Ross (juliross) <julir...@cisco.com> Cc: debian-user@lists.debian.org <debian-user@lists.debian.org> Subject: Re: CVE-2022-27385 - Vendor Dependency Check In On Tue, Aug 01, 2023 at 09:45:59PM +0000, Julius Ross (juliross) wrote: > Hi team, We are not a "team" -- we are Debian users, as the mailing list name suggests. That said... > We're looking for a contact or direction on gaining updates on open vulnerabilities relating to known CVEs. Can you point us to the correct forum or support email address? We want to be able to track these vulnerabilities and when fixes become available. ... Debian does (almost) everything in the open, so the first (non-advert) two hits in my favourite search engine (no, not that one with the G) for the terms "debian cve vulnerabilities" lead to: https://security-tracker.debian.org/tracker/ https://www.debian.org/security/cve-compatibility which is probably more or less what you are looking for. Apart from that, there are (at least) two security related mailing lists, whose subscribe pages you'll find here: https://lists.debian.org/debian-security/ https://lists.debian.org/debian-security-announce/ of which the second one might be of interest to you. Cheers -- t
