Making Fedora more secure, a 90-day goal.
echriste at redhat.com
Thu Apr 2 17:05:32 UTC 2015
On Thursday, April 02, 2015 10:47:59 AM Eric Christensen wrote:
> * Team Goal: All important CVEs from 2014 and before should be fixed
> by the end of June.
During today's meeting we talked about the number of open CVEs, as normal.
But, really, it's annoying to see the number of critical and important bugs
just sitting there not getting any traction.
Right now there is one critical CVE and 46 important CVEs open against either
a package in Fedora or EPEL. These are CVEs that should have been addressed
long ago and I'm, quite frankly, tired of looking at them.
With your help, I won't have to look at them ever again. During today's
meeting we set a goal of closing out all important CVEs (Jared is already
working on the critical CVE) that are circa 2014 and earlier by the end of
June. That means we have three months to figure out 38 CVEs.
It won't be easy but it's completely doable.
To help encourage FST members to participate, the top three FST members who
help close these bugs will get a prize of some sort. Heck, we might be able
to do something for everyone involved if we get all the critical and important
CVEs disposed of by the end of June.
Now lets go get serious about this! Game on!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part.
More information about the security-team