[arch-security] Subscription to OSS-security linux-distros
Daniel Micay
danielmicay at gmail.com
Thu Jun 5 19:13:54 EDT 2014
On 05/06/14 05:36 PM, Allan McRae wrote:
> On 06/06/14 05:14, Mark Lee wrote:
>> To All,
>>
>> There are several linux-distro subscription requests on the oss-security
>> mailing list, and some bugs are disclosed first on that mailing list. I
>> just want to be sure that Arch Linux is getting this expedited
>> notification of bugs. Are you still on it Allan?
>>
>
> Yes - I pass on the worst (or at least let people know the public
> release dates if not the details).
>
> A
There's not much we really can do to prepare since we're unlikely to
have anything to backport. The work to backport to the stable release
will already be done for anything important enough to go through an
embargo. A restriction on disclosure for 7 days just means we'll get the
fix 7 days later.
The important issue here is that there needs to be enough interest in
security by developers and trusted users to prioritize these package
upgrades even if it's not a package they maintain, because the
maintainer might not be around.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-security/attachments/20140605/2d71f4f4/attachment.asc>
More information about the arch-security
mailing list