This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Tracking security bugs

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: Florian Weimer <fweimer at redhat dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Mon, 23 Jun 2014 04:02:48 -0700
Subject: Re: Tracking security bugs
Authentication-results: sourceware.org; auth=none
References: <CANu=DmjYiCT8NRbtdrXXrJtK_-mGRmsN+KUV50oEzaGY7tqn0Q at mail dot gmail dot com> <53973987 dot 90404 at redhat dot com> <y0mr42uxenr dot fsf at fche dot csb> <53A7EA08 dot 3010708 at redhat dot com>

Florian Weimer wrote:

I would like to create a Wiki page that suggests that potentially
critical bugs are reported to downstream security teams.

I like this idea. It'd be helpful for that page to give an example of asuch a bug and how it was reported, so that potential contributors willbetter understand the process they're getting into. I also suggestcross-referencing from:


https://sourceware.org/glibc/wiki/Development_Todo/Master#Security

to the new page.

References:
- Re: Requesting CVEs for glibc security issues
  - From: Florian Weimer
- Re: Requesting CVEs for glibc security issues
  - From: Frank Ch. Eigler
- Tracking security bugs (was: Re: Requesting CVEs for glibc security issues)
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]