[arch-security] Arch Linux Security Advisories
Levente Polyak
levente at leventepolyak.net
Fri Sep 26 19:23:04 UTC 2014
Hi all,
On 09/25/2014 06:53 PM, Remi Gacogne wrote:
> A recent discussion on the #archlinux-security IRC channel led to the
> proposal of posting security announcements to the arch-security
> mailing-list every time a vulnerability concerning an Arch Linux package
> is disclosed, as other distributions are already doing.
We have also created a Security Advisories [0] wiki page which list the
most recent advisories from this mailinglist.
After a short discussion on IRC we have chosen the ASA-YYYYMM-N
identifier (which you may already have noticed from Remi's last
advisory). This ASA-ID can be used as a short reference and is also
included in the new advisories page [0] and the CVE-2014 page [2].
> Based on an idea by Bluewind, I made the following template for
> advisories, and will be sending an advisory for the recent NSS
> vulnerability as an example in the next few minutes.
The template can also be found at the wiki page [1] and is reflecting
the current state of the advisory template.
kind regards,
Levente
[0] https://wiki.archlinux.org/index.php/Security_Advisories
[1] https://wiki.archlinux.org/index.php/Security_Advisories#Template
[2] https://wiki.archlinux.org/index.php/CVE-2014
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20140926/d8240681/attachment.bin>
More information about the arch-security
mailing list