Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 5 Apr 2008 16:14:58 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: wiki: vendor info & osvdb.org/vendors

On Fri, Apr 04, 2008 at 07:06:36PM -0400, Josh Bressers wrote:
> > 	http://osvdb.org/vendors
> 
> Holy Smokes that's impressive!
> 
> I don't think there's anything to consolidate, I think we just need to
> ensure everything on the oss-security wiki page is in your data (I would be
> surprised if it's not), then we just point at that.  The page about easily
> finding patches is probably still relevant, but there's no sense in
> duplicating information, especially when there is such an extensive source
> as this.

I am not so sure.  On our wiki, we have a separation between distro
vendors and individual Open Source projects - and I like it.  I haven't
found a way to extract a list of distro vendors only from osvdb.org.

Also, some vendors and projects may have relevant info that just does
not fit into pre-defined fields on osvdb.org - yet it may be specified
in entries on the wiki.

It is a good idea to update the info at osvdb.org with whatever we have.
For example, I was not able to find rPath in the osvdb.org database.
Then the vendors/projects themselves would need to remember to keep
those entries up to date as well...

Also, we should definitely link to osvdb.org.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ