Re: forming a security team for testing

2004-10-29 Thread Bastian Blank
On Thu, Oct 28, 2004 at 05:43:55PM -0400, Joey Hess wrote: > Current list of security problems apparently unfixed in sarge: kernel-image-2.6.8-s390, CAN-2004-0887 Bastian -- War isn't a good life, but it's life. -- Kirk, "A Private Little War", stardate 4211.8

Re: forming a security team for testing

2004-10-28 Thread Alvin Oga
hi joey On Thu, 28 Oct 2004, Joey Hess wrote: > I've added a CVE/list also, with about 80 CVE's per year to add to the > things to check. We've only got 130 more CAN's to check for 2004, plus > the CVE's, and then we can start on 2003. > > Current list of security problems apparently unfixed in

Re: forming a security team for testing

2004-10-28 Thread Joey Hess
I wrote: > - Edit the CAN/list file and claim a range of CANs to check. Note that > CANs that have already been checked as part of the DSA checks are so > marked. Commit the file. I've added a CVE/list also, with about 80 CVE's per year to add to the things to check. We've only got 130 more

Re: forming a security team for testing

2004-10-28 Thread Lorenzo Hernandez Garcia-Hierro
Hi, On Wed, 27-10-2004 at 23:33, Joey Hess wrote: > - Provide timely security updates for testing, with fixes being made > available no more than four days after a DSA is released. > - Work with maintainers to include security fixes from unstable > that do not have DSAs. > - Mainta

Re: forming a security team for testing

2004-10-27 Thread Joey Hess
Kim wrote: > You write: " - Go through your claimed CANs and check changelogs, > advisories, do > testing, whatever is needed to satisfy yourself whether sarge is > vulnerable or not, and record your findings in the CANs file. > Note that the file is read by checklist.pl, so follow the sim

Re: forming a security team for testing

2004-10-27 Thread Geoff
Kim wrote: Dear Joey Hess Great work! You write: " - Go through your claimed CANs and check changelogs, advisories, do testing, whatever is needed to satisfy yourself whether sarge is vulnerable or not, and record your findings in the CANs file. Note that the file is read by checklist.pl,

Re: forming a security team for testing

2004-10-27 Thread Geoff
Alvin Oga wrote: hi ya On Thu, 28 Oct 2004, Kim wrote: I am sorry if I have misunderstood anything but "whatever is needed to satisfy yourself" Since this is a personal matter isn't there chances that a person may miss important issues? I rather suggest a clear program of checks that at least must

Re: forming a security team for testing

2004-10-27 Thread Alvin Oga
hi ya On Thu, 28 Oct 2004, Kim wrote: > I am sorry if I have misunderstood anything but "whatever is needed to > satisfy yourself" Since this is a personal matter isn't there chances that a > person may miss important issues? I rather suggest a clear program of checks > that at least must be don

Re: forming a security team for testing

2004-10-27 Thread Kim
;Ernesto Hernandez-Novich" <[EMAIL PROTECTED]>; "Finn-Arne Johansen" <[EMAIL PROTECTED]>; "Djoumé SALVETTI" <[EMAIL PROTECTED]>; "Steinar H. Gunderson" <[EMAIL PROTECTED]>; "Andres Salomon" <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 11:33 PM Subject: forming a security team for testing

forming a security team for testing

2004-10-27 Thread Joey Hess
I've been talking to people about the idea of forming a security team for the testing distribution for several months, and there seems to be enough interest in improving testing's security to make such a team a reality. Most of the people in the CC list have indicated interest in a testing securit