Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Feb 2008 12:26:21 -0700
From: Vincent Danen <vdanen@...sec.ca>
To: oss-security@...ts.openwall.com
Subject: Re: charter - advisories

* [2008-02-19 22:44:22 +0300] Solar Designer wrote:

>> It may be a better idea, if desired, to make a separate list that is a
>> fully moderated (or possibly a reject-all with exceptions) list specific
>> to carrying vendor advisories.
>
>Yes, that was my idea too.  However, now that we mention the distinction
>between two kinds of advisories (those for end-users only vs. those
>useful to others as well), I am not sure which of these we want to go to
>that other list.  Should we create a list for advisories that are useful
>for us, then change the above guideline to "no advisories" for the main
>oss-security list?  Or should we create a list for both kinds of
>advisories?  In the latter case, should we ban the useful advisories
>from the main oss-security list or should these be CC'ed to both lists?
>Or should we create two new lists?..

Hmmm... maybe we should clarify the advisories we don't want to see.  I
guess advisories from, say, iDefense, would be valuable.  But advisories
from Mandriva or SUSE not so much.

Maybe we should indicate no *vendor* advisories, and make a second list
specifically for that?

-- 
Vincent Danen @ http://linsec.ca/

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ