[arch-dev-public] Celebrating the 1000th Arch Linux Security Advisory

Levente Polyak anthraxx at archlinux.org
Mon Feb 8 00:44:31 UTC 2021


It has been a long ride since our first Arch Linux Security Advisory
released in September 2014 [0], but we are proudly announcing our 1000th
published advisory [1]. In early days, the user RbN started some efforts
[2] to track issues in the ArchWiki. The journey of our team began with
a call for help by our long-time developer Allan McRae [3], which -- as
a joint effort of Remi Gacogne (rgacogne) and Levente Polyak (anthraxx)
[4] -- lead to the founding of the structured effort known today as the
Arch Linux Security Team.

Without doubt the work and analysis is challenging and the overall
workload massive. During our ongoing journey we have grown quite a lot
and are happy to welcome Christian Rebischke (shibumi), Jelle van der
Waa (jelle), Santiago Torres (sangy), Morten Linderud (Foxboron), Andrea
Denisse Gómez (denisse) and Jonas Witschel (diabonas) to our team.
Together we are able to offer a strong and successful security team that
is continuously expanding and re-evaluating capacities to cover a
broader area of our distro.

In December 2016 during the annual Chaos Communication Congress, we
released our central security tracker [5] to streamline our
vulnerability tracking and mitigation workflow. The tracker replaces the
ArchWiki page which was used previously for this purpose. For further
details on our adventure, we would like to invite you to watch the Arch
Conf 2020 talk "Rolling your own security team for fun and no profit at
all" [6].

Because a healthy team is not just about technology, but also about the
people behind it, we have met in a Jitsi video conference to celebrate
this awesome achievement and to chink glasses :-)

Sincerely,
Your Security Team


[0]
https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html
[1]
https://lists.archlinux.org/pipermail/arch-security/2021-January/001719.html
[2]
https://lists.archlinux.org/pipermail/arch-security/2014-March/000012.html
[3]
https://lists.archlinux.org/pipermail/arch-dev-public/2014-March/025952.html
[4]
https://lists.archlinux.org/pipermail/arch-security/2014-September/000098.html
[5] https://security.archlinux.org
[6]
https://media.ccc.de/v/arch-conf-online-2020-6394-rolling-your-own-security-team-for-fun-and-no-profit-at-all

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20210208/66b4b0c5/attachment.sig>


More information about the arch-dev-public mailing list