On Thu, 17 Jun 2010 13:45:17 -0500 Dan McGee <dpmcgee@gmail.com> wrote:
Sounds like a blast from the past: http://wiki.archlinux.org/index.php/Security_Task_Force http://code.google.com/p/arch-sheriff/
Best of luck this time around.
-Dan
As I've mentioned before, I don't think getting the processes in place will be that hard if we modify Gentoo's way of doing things to suit Arch. Gentoo's docs are all cc-by-sa licensed so it shouldn't be an issue. The mailing lists for vulnerabilities exist that can be used to check against the packages in Arch. What is needed are volunteers who: 1. Check for vulnerabilities 2. Know how to use PKGBUILDS and abs 3. Can spare some time to send announcements, create interim PKGBUILDs and file security issues on the bug tracker. It may well turn out to be a one man show for the immediate future, but I'm prepared for that. Ananda