Making Fedora more secure, a 90-day goal.
Eric Christensen
echriste at redhat.com
Mon Apr 6 19:22:15 UTC 2015
On Thursday, April 02, 2015 01:05:32 PM Eric Christensen wrote:
> Right now there is one critical CVE and 46 important CVEs open against
> either a package in Fedora or EPEL. These are CVEs that should have been
> addressed long ago and I'm, quite frankly, tired of looking at them.
Just looked at the numbers after the weekend hoping I'd see some movement.
Here's what I found:
Of the 38 important CVEs opened in 2014 or prior that I identified last
Thursday as still being open one was closed, five are On_QA, and the rest don't
really look like they've been touched in a while, with a few exceptions.
All the cases are "owned" but it looks like most haven't been followed up on
in a while. If you want to participate in this "contest" but don't see a way
in here's what I suggest: if a case hasn't been followed up on in the past
month TAKE IT! This includes the ones I touched today but don't "own". Let's
crush these bugs and make Fedora better!
-- Eric
--------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security
sparks at redhat.com - sparks at fedoraproject.org
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
--------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.fedoraproject.org/pipermail/security-team/attachments/20150406/46631749/attachment.sig>
More information about the security-team
mailing list