Re: Announcement regarding the oss-security mailing list

2017-02-14 Thread Marius Bakke
Ricardo Wurmus writes: > Leo Famulari writes: > >> I think that several of us are subscribed to oss-security as part of our >> effort to learn about upstream security issues in a timely manner. >> >> A couple days ago, MITRE decided to stop assigning CVEs

Re: Announcement regarding the oss-security mailing list

2017-02-13 Thread Efraim Flashner
On Sun, Feb 12, 2017 at 02:59:57PM +0100, Ludovic Courtès wrote: > Hi Leo, > > Leo Famulari skribis: > > > I look at the lwn.net security advisories, the Debian security-announce > > mailing list, `guix lint -c cve`, the upstream bug trackers of a handful > > of packages,

Re: Announcement regarding the oss-security mailing list

2017-02-12 Thread Ludovic Courtès
Hi Leo, Leo Famulari skribis: > I look at the lwn.net security advisories, the Debian security-announce > mailing list, `guix lint -c cve`, the upstream bug trackers of a handful > of packages, and even some Twitter personalities. For me it’s mostly oss-sec, LWN, and ‘guix

Re: Announcement regarding the oss-security mailing list

2017-02-11 Thread Alex Vong
Leo Famulari writes: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > >

Re: Announcement regarding the oss-security mailing list

2017-02-11 Thread ng0
On 17-02-11 14:44:00, Leo Famulari wrote: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > >

Re: Announcement regarding the oss-security mailing list

2017-02-11 Thread Ricardo Wurmus
Leo Famulari writes: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > >

Announcement regarding the oss-security mailing list

2017-02-11 Thread Leo Famulari
I think that several of us are subscribed to oss-security as part of our effort to learn about upstream security issues in a timely manner. A couple days ago, MITRE decided to stop assigning CVEs from the list: http://seclists.org/oss-sec/2017/q1/351 So, I expect that we will see fewer bugs