Quoting Javier Fernández-Sanguino Peña <jfs_at_computer.org>:
> Sure, please forward to me all bug references related to security audits
> you have done. I will also retrieve some from the mailing list that were
> sent by Ulf. And, now that I'm at it, I might add myself to the security
> audit group list in intro/organization :-)
When we're talking about the webpage, security/audit/advisories is unmaintained
at the moment. I know that both I and Max have found stuff that led to several
DSAs that aren't mentioned there.
Another idea would be a news page to show what we've been doing recently:
"2005-01-16 Max released a new version of colour-audit.
2005-01-14 Ulf found a buffer overflow in wqeueftpd, leading to the publication
of DSA-422344-1.
2005-01-12 Javier found a symlink attack in blatex (see bug #32484242)."
What do you think?
Merry Christmas (to those who celebrate it) and a Happy New Year, Ulf
-- Ulf Harnhammar http://www.advogato.org/person/metaur/Received on Tue Dec 21 2004 - 02:04:43 GMT