Date: Mon, 20 Jan 2014 17:36:27 +0100 From: rf@...eap.de To: oss-security@...ts.openwall.com Subject: Re: linux-distros membership >>>>> "Yves" == Yves-Alexis Perez <corsac@...ian.org> writes: Thanks again Yves. Unfortunately this doesn't help me with getting the timely reports about kernel security bugs from the linux-distros list. Can somebody, who knows the details of the process, please answer what we need to do, to get on the list? Roland >> >> I hope this is the right place to ask for inclusion of a >> >> Qlustar contact in the linux-distros list. >> >> >> >> Qlustar is a Ubuntu/Debian based distro targeted at >> >> HPC/Storage/Cloud clusters. We use our own kernels (typically >> >> based on vanilla) since many years, but have the need to >> >> supply timely security fixes to our users. So far we have to >> >> wait for other distros to come out with their announcements >> >> and then start analyzing the fixes they have done. This leaves >> >> us/our users with a vulnerability window that is way too >> >> large, >> >> > I can't speak for Ubuntu, but you're welcome to participate in >> > the Debian security effort. >> >> thanks a lot for your offer. Could you explain a little more what >> participation in the Debian security effort would mean? Note that >> the issue I currently have is mostly about kernel fixes and we >> don't use Debian nor Ubuntu kernels. Yves> Most of the documentation can be found in the secure-testing Yves> repository  and on the Debian wiki . Yves> : Yves> http://anonscm.debian.org/viewvc/secure-testing/doc/narrative_introduction?view=markup Yves> : https://wiki.debian.org/Teams/Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ