Re: Announcement regarding the oss-security mailing list

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Announcement regarding the oss-security mailing list

From:	Ludovic Courtès
Subject:	Re: Announcement regarding the oss-security mailing list
Date:	Sun, 12 Feb 2017 14:59:57 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Hi Leo,

Leo Famulari <address@hidden> skribis:

> I look at the lwn.net security advisories, the Debian security-announce
> mailing list, `guix lint -c cve`, the upstream bug trackers of a handful
> of packages, and even some Twitter personalities.

For me it’s mostly oss-sec, LWN, and ‘guix lint’.

The good thing with the new MITRE policy is that the CVE database will
be more up-to-date, IIUC.  Until now, they’d quickly reserve an ID for
issues reported to oss-sec, but then it would take time until the CVE
database would be updated to contain all the info (for the recent Guile
CVEs, they asked me to give them the details again after two months or
so…).  As a side effect, ‘guix lint -c cve’ should become more useful.

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Announcement regarding the oss-security mailing list, Leo Famulari, 2017/02/11
- Re: Announcement regarding the oss-security mailing list, Ricardo Wurmus, 2017/02/11
  - Re: Announcement regarding the oss-security mailing list, Marius Bakke, 2017/02/14
- Re: Announcement regarding the oss-security mailing list, ng0, 2017/02/11
- Re: Announcement regarding the oss-security mailing list, Alex Vong, 2017/02/12
- Re: Announcement regarding the oss-security mailing list, Ludovic Courtès <=
  - Re: Announcement regarding the oss-security mailing list, Efraim Flashner, 2017/02/13

Prev by Date: Re: Add murmur.
Next by Date: Re: Add murmur.
Previous by thread: Re: Announcement regarding the oss-security mailing list
Next by thread: Re: Announcement regarding the oss-security mailing list
Index(es):
- Date
- Thread