From: "Daniel A. Avelino" <daavelino@gmail.com>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] No GLSA since January?!?
Date: Fri, 26 Aug 2011 14:18:20 -0300 [thread overview]
Message-ID: <CAKdB2xH=SToTiw2eieqk_tX3OeE7389bG8rqnhREev_VeP2mSQ@mail.gmail.com> (raw)
In-Reply-To: <CAFhp8z6Nu8kRgcF3CB2K_nv0o+9BCFvVfiXZaqCVay=e+JbWEA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2407 bytes --]
Alex.
May be a call for volunteers more "intense" could improve the manpower. This
could be a more
easy start point to address, no?.
I work too in some [smaller] security processes and can figure out what kind
of work are you talking about.
As Kauhaus pointed, may be somethings should be automated but again, this is
a hard job to
implement and to keep results trustable.
I'd started following this list recently and yet does not know how
work fluxes are performed here but, may be, this could be a good place to
start a review of GLSA processes, what
do you think about this?
Regards,
Daniel A. Avelino
I thought its time
On Fri, Aug 26, 2011 at 1:57 PM, JD Horelick <jdhore1@gmail.com> wrote:
> On 26 August 2011 12:43, Christoph Jasinski <Krzysiek@gmx.net> wrote:
> > Dear Christian
> >
> > Everything is secure. No reason to write GLSAs or to panic. ;)
> >
> >
> > Chris
> >
> > Am 26.08.2011 um 18:12 schrieb Christian Kauhaus:
> >
> >> Hi,
> >>
> >> I'm wondering that may favorite Linux distro hasn't had any security
> announcements since January. In my opinion this is really problematic. At
> our company we try to convince prospective customers to host their
> applications on our Gentoo servers. When asked about security incident
> handling, I have to say: "They state 'Security is a primary focus' on their
> website, but they don't inform their users." Not very convincing.
> >>
> >> So what is the roadblock that hinders GLSA creation? Is there any way to
> get the GLSAs into working order again?
> >>
> >> Regards
> >>
> >> Christian
> >>
> >> --
> >> Dipl.-Inf. Christian Kauhaus <>< · kc@gocept.com · systems
> administration
> >> gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
> >> http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
> >> Zope and Plone consulting and development
> >>
> >
> >
> >
>
> I'm sorry, but I disagree with that. I've been an (unofficial) x86
> Archtester for only 2 weeks or so and since then, i've seen more than
> a few stabilizations needed to address security issues. Also, i've
> noticed this same problem of not seeing many/any GLSA's in recent
> history. As an example, in the past month, Debian has had 13 security
> advisories. I personally doubt that we (Gentoo) don't have to worry
> about ANY of those 13 advisories...
>
>
[-- Attachment #2: Type: text/html, Size: 3255 bytes --]
next prev parent reply other threads:[~2011-08-26 17:19 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-26 16:12 [gentoo-security] No GLSA since January?!? Christian Kauhaus
2011-08-26 16:43 ` Christoph Jasinski
2011-08-26 16:57 ` JD Horelick
2011-08-26 17:18 ` Daniel A. Avelino [this message]
2011-08-26 17:57 ` Alex Legler
2011-08-26 18:22 ` Daniel A. Avelino
2011-08-26 18:44 ` Alex Legler
2011-08-26 19:27 ` Daniel A. Avelino
2011-08-26 16:55 ` Alex Legler
2011-08-26 17:06 ` Christian Kauhaus
2011-08-26 18:00 ` Joost Roeleveld
2011-08-26 18:07 ` Alex Legler
2011-08-26 19:30 ` Joost Roeleveld
2011-08-26 18:08 ` Kevin Bryan
2011-08-26 18:40 ` Alex Legler
2011-08-26 20:02 ` Kevin Bryan
2011-08-26 20:40 ` Daniel A. Avelino
2011-08-26 22:27 ` Alex Legler
2011-08-26 23:38 ` Daniel A. Avelino
2011-08-26 18:41 ` Daniel A. Avelino
2011-08-27 8:49 ` Christian Kauhaus
2011-08-27 12:13 ` Rich Freeman
2011-08-27 12:34 ` Tobias Heinlein
2011-08-27 13:06 ` Rich Freeman
2011-08-27 13:34 ` Tobias Heinlein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKdB2xH=SToTiw2eieqk_tX3OeE7389bG8rqnhREev_VeP2mSQ@mail.gmail.com' \
--to=daavelino@gmail.com \
--cc=gentoo-security@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox