-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Thu, Jul 11, 2013 at 09:39:32AM -0400, Josh Bressers wrote:
Eric, do we have a plan to track items like this that probably
aren't ready
for bugzilla yet?
Not yet *but* I think that tracking generic information like that in BZ would be a good
thing. We can then open bugs against packages that exhibit a certain vulnerability and
block the generic ticket for tracking purposes.
We also really need to start tracking the CVEs that are opened up against Fedora packages
and see what we can do to get them closed. A proven packager might be needed for that.
- -- Eric
- --------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security Team
sparks(a)redhat.com - sparks(a)fedoraproject.org
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iQGcBAEBCgAGBQJR3uElAAoJEB/kgVGp2CYvP3kMAIm3vf2NT8Rt6Qjc67StT9ti
HILPwapU6MwU9ifvbpjsXEWVZsu4QLaeZ4LrFzG0jrJahxDONvBfdcMbsvZU8wsn
j62I0KkBsXn3p/6e7swxZIaLwdyMm7Ta3DKEd2TuBYe80r051HNbG7j3HGsKJ2rU
Qpacp3uRIiZoC4a/x4dddP+IaMtYItNW+I7xOHJWsYEFbA2espE/mgQhhvtPtP8h
l+MO577+aLlZWdjKBYkHjFqL5M/lVm6WDe/H9gqHgqhnzlM2QhYJxWKLyahnjw9Q
5uIzPJ749J+lo3FIJuXCtTbB/HLl3Vw6qA/dIxvVNAeiGPJDMNqFZN5qvF6NIokp
tzq/oo+949PXDPbNzgpZWZ8pd60dOGj9zD1jVcnOm5lszaCNysB3/npsSjcoDAci
EWAeMW2D2r/uuMfqO0XRyohbbLB/2YHdqWHzKVDxCFs6BS2NPY4uQTHLpK5HAgV8
u96enm2KXPdFjN1yU6zNUkwh9KxE34mpPisCoAH7zw==
=uw+R
-----END PGP SIGNATURE-----