From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25388 invoked by uid 1002); 23 Aug 2003 06:11:32 -0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 19688 invoked from network); 23 Aug 2003 06:11:32 -0000 Date: Sat, 23 Aug 2003 08:10:35 +0200 From: Marius Mauch To: solar@gentoo.org Cc: gentoo-dev@gentoo.org Message-Id: <20030823081035.3496e8b4.genone@genone.de> In-Reply-To: <1061611147.90.6006.camel@simple> References: <20030822191939.36400b90.genone@genone.de> <1061611147.90.6006.camel@simple> X-Mailer: Sylpheed version 0.9.4claws30 (GTK+ 1.2.10; i686-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: [gentoo-dev] GLEP #14: security updates based on GLSA X-Archives-Salt: 0919edd2-744c-4e82-b62b-dc7204ab4016 X-Archives-Hash: 760479fb9695a447b53ba53c2fc000bf On 22 Aug 2003 23:59:07 -0400 Ned Ludd wrote: > Hands down I fully support this and your efforts so far in gentoo. > > Also to go along with this GLEP I think we need to start talking about > the need for a herd solely devoted to security related issues in > gentoo linux. Not just a herd to be announced to -dev that does not > have much use like say "mysql" or "net-irc" but something subnational > with a set of predefined goals,guidelines,policies and procedures for > achieving those goals. The GLEP is/was the right way to go/start with > this. For the last week I've been trying to take a much more active > interest in bugs that have been assigned to security@gentoo.org in the > bugzilla system but have felt a little misguided on who to talk to for > a final resolution for a said bug. What I would like to help do is > form a security herd for the sole purpose of > closing/opening/researching security bugs for gentoo linux. > Thus far it seems we have a security team of 1. I think/know aliz > could use some help in this area. I think it would be ideal if we > could back him up and elect/vote aliz to the the project manager for > said herd. According to http://www.gentoo.org/proj/en/metastructure/projects.xml there is a security subproject under the qa project, but noone assigned to it (if the page is up2date). I agree that there should be more people on it (same situation as with portage a few weeks ago). Marius -- gentoo-dev@gentoo.org mailing list