Salvatore Bonaccorso writes:
> For the record, the thread is starting at
>
> http://www.openwall.com/lists/oss-security/2016/03/04/4
>
> where Kurt Seifried from Red Hat raised the concern.
Yes, am following that. Not entirely confident anything will happen,
however would be
Salvatore Bonaccorso writes:
> Creating individual bugs in the Debian BTS, including more details
> like fixing commits would be a great start, since we use either CVEs
> or references to the Debian BTS in DSAs (and DLAs). Furthermore the
> security-tracker handles both (you
Hi Brian, hi Paul,
On Sun, Mar 06, 2016 at 04:59:43PM +0100, Salvatore Bonaccorso wrote:
> Hi,
>
> On Sun, Mar 06, 2016 at 03:33:16PM +1100, Brian May wrote:
> > Just wondering if there is some other way we can track security issues
> > for when CVEs are not available.
> >
> > Thinking of
Hi,
On Sun, Mar 06, 2016 at 03:33:16PM +1100, Brian May wrote:
> Just wondering if there is some other way we can track security issues
> for when CVEs are not available.
>
> Thinking of imagemagick here, it has a lot of security issues, and
> requests for CVEs are not getting any responses.
On Sun, Mar 6, 2016 at 12:33 PM, Brian May wrote:
> Just wondering if there is some other way we can track security issues
> for when CVEs are not available.
...
> For example, if there are no CVEs are we able to use OVEs instead?
>
> http://www.openwall.com/ove
This sounds like a good idea to
Hello,
Just wondering if there is some other way we can track security issues
for when CVEs are not available.
Thinking of imagemagick here, it has a lot of security issues, and
requests for CVEs are not getting any responses.
For example, if there are no CVEs are we able to use OVEs instead?
6 matches
Mail list logo