Hi all, On 09/25/2014 06:53 PM, Remi Gacogne wrote: > A recent discussion on the #archlinux-security IRC channel led to the > proposal of posting security announcements to the arch-security > mailing-list every time a vulnerability concerning an Arch Linux package > is disclosed, as other distributions are already doing.
We have also created a Security Advisories [0] wiki page which list the most recent advisories from this mailinglist. After a short discussion on IRC we have chosen the ASA-YYYYMM-N identifier (which you may already have noticed from Remi's last advisory). This ASA-ID can be used as a short reference and is also included in the new advisories page [0] and the CVE-2014 page [2]. > Based on an idea by Bluewind, I made the following template for > advisories, and will be sending an advisory for the recent NSS > vulnerability as an example in the next few minutes. The template can also be found at the wiki page [1] and is reflecting the current state of the advisory template. kind regards, Levente [0] https://wiki.archlinux.org/index.php/Security_Advisories [1] https://wiki.archlinux.org/index.php/Security_Advisories#Template [2] https://wiki.archlinux.org/index.php/CVE-2014
signature.asc
Description: OpenPGP digital signature
