[arch-security] Openssl flaw

Plonky Duby plonky at gmail.com
Tue Apr 8 10:33:55 EDT 2014


Suggestion:
Concerning security issue that big like this, may be we can have a
dedicated box on the front page of wiki to signal it and invite for update!

What do you think about ?


2014-04-08 15:53 GMT+02:00 G. Schlisio <g.schlisio at dukun.de>:

> > I agree with Allan here :
> >
> >> I added this column in the wiki for tracking the responsiveness of
> >> the packagers to handling security issues to see where we can
> >> improve.
> >
> > What matters for us to track is the time it takes for us to notice and
> > for Arch packagers to fix the issue once it has been disclosed.
>
> as a measure of arch linux' responsiveness i propose a title like "time
> known" or similar. i understand that this is an important thing to keep
> track of and fully support keeping this information.
> still, as an admin, i feel the importance of this "time vulnerable" (in
> the sense i explained bevore.
>
> > Finding how long a specific vulnerability has been available and
> > exploitable is a generic information not related to Arch Linux.
> >
> > I'm not against adding it to the wiki as a separated column.
> >
> > By the way, there is another minor issue, the Update/Bug column has a
> > double usage, maybe we should split this one in two.
>
> any reason against splitting? for now we still have some space to the
> sides (at least at my setup).
>
> thanks for considering.
>
> _______________________________________________
> arch-security mailing list
> arch-security at archlinux.org
> https://mailman.archlinux.org/mailman/listinfo/arch-security
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.archlinux.org/pipermail/arch-security/attachments/20140408/c3327b43/attachment.html>


More information about the arch-security mailing list