On 04/20/2011 04:31 PM, Michael Scherer wrote: > Hi, > > yesterday was the meeting regarding secteam creation. > > The log can be found on : > http://meetbot.mageia.org/mageia-dev/2011/mageia-dev.2011-04-19-19.10.html > > For now, we have no specific requirements of privacy or anything and the > main goals are to prepare everything ( I will post on -web and -sysadm > for the need on infra and web ), and to make sure we do not ship with > know security issues. > > So what we need for now is people to check our packages and see if there > is some issues, and fill bug reports for that. > Stew will take care of coordination, so i will let him speak of that. > > > I've opened a rollup bug to feed into the final release. Please add this as a "blocks" to any security related bugs you might open.
https://bugs.mageia.org/show_bug.cgi?id=908 I've also subscribed to oss-security and started the process for us to be able to gain admittance to the private list, first by creating an entry on their wiki: http://oss-security.openwall.org/wiki/vendors#mageia As well as the related freedesktop page: http://distributions.freedesktop.org/wiki/DistributionLocations Next steps to gain admittance is to do a release, create a security@ address, and publish a web page showing we issue/track updates. We can then petition for admittance to the private list. As my time is somewhat limited, I'm more than happy to accept any/all help as far as identifying/fixing/tracking issues with our packages. -- Stew Benedict New Tazewell, TN
