Hello Guix! The security response team¹ needs your help! John Kehayias aka. podiki (Cc’d) is effectively the only active member, when the ideal size would be 3–4 people, so I took the freedom to send a call for contributions:
https://codeberg.org/guix/guix/pulls/9283 The main duty of the response team is to promptly reply to reports and to ensure the process moves forward: coordinating with the relevant developers and with reporters, defining a duration for the embargo (if an embargo is deemed necessary), assigning CVE numbers, co-authoring or reviewing security advisories, and so on. (The team’s work is *not* about finding vulnerabilities or fixing them.) Please get in touch with John if you’d like to join, even if only for a limited time. Note that the team is entrusted with sensitive issues so it’s probably a job for someone who has already been contributing for some time. Ludo’. ¹ https://guix.gnu.org/security
signature.asc
Description: PGP signature
