The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security web page

To: bdale@gag.com (Bdale Garbee), debian-private@lists.debian.org
Subject: Re: Security web page
From: sacampbe@mercator.math.uwaterloo.ca (Sue Campbell)
Date: Sun, 5 Oct 1997 20:15:26 -0400 (EDT)
In-reply-to: <199710052038.OAA06205@chunks.gag.com> from Bdale Garbee at "Oct 5, 97 02:38:36 pm"
Resent-cc: recipient list not shown: ;
Resent-date: 6 Oct 1997 00:16:35 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"6Kqz5D.A.LkF.j3CO0"@debian>
Resent-sender: debian-private-request@lists.debian.org

I agree that we should have a debian-security-announce mailing list.
This will help to give Debian a more professional image.

The administration of this list would be quite easy. For any security problems
that could affect Debian (we need to report on major problems even if we
aren't affected. I hope the reasons are obvious), the announcement
of the problem and the resolution (if seperate from the announcement) are
posted. This same information will get put in the security pages.

I am more than willing to do the web page updates. This is the easy part.
As Chris Hudon has already pointed out, keeping on top of all the issues of
security problems is time consuming. The current security managers have other
commitments preventing them from fulfilling this duty (I don't think the security
managers original mandate covered security holes in software anyway). Do we
need a manager whose sole duty is security bugs?

Even if the current security managers are willing to carry on this duty,
there is the short term problem that no one is doing this work. Martin
Schulze has agreed to do some work on this. It wasn't clear whether he
was willing to do the administrative work or just update the web pages (Martin?).

To help resolve this here are a few questions needing answers:

Is Martin willing to bring the security data up to date and do the job
until Chris Hudon returns?

If not, is someone else willing to do this?
If you already read bugtraq, this should be a big job.

Do Chris Hudon and/or Klee Dienes have the time to do this long term?

If not, should there be a security bug manager?

By working through these, we should get a speedy resolution to this
problem.

- Sue


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Follow-Ups:
- Re: Security web page
  - From: joey@finlandia.infodrom.north.de (Martin Schulze)
- Re: Security web page
  - From: Christian Hudon <S1205299.ber@student.goethe.de>

References:
- Re: Security web page
  - From: Bdale Garbee <bdale@gag.com>

Prev by Date: Re: Security web page
Next by Date: Titles, without the mathematics.
Previous by thread: Re: Security web page
Next by thread: Re: Security web page
Index(es):
- Date
- Thread