[Secure-testing-team] resolving hard TODOs

Joey Hess joeyh at debian.org
Tue Mar 1 03:02:17 UTC 2005


Micah Anderson wrote:
> I was thinking that one way to try and grapple with these is to make a
> post to debian-devel asking for a brainstorm on what packages contain
> X.400, S/MIME, modify JPEG images, contain libtiff, etc. and see if we
> can come up with a list of packages to look at. I dont know if this
> will get us the complete list of all possible packages, but it is a
> much better way of coming up with a list than me or you coming up with
> the list, or even all of us here working together to devise it.
> 
> What do people think?

It's a good idea. At some point it does become more a security audit
type of thing, and I wonder if the people who are doing debian security
audits would be interested in looking at these.

BTW, another CAN that I have been finding hard to check for some reason
is CAN-2005-0206.

-- 
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050228/b751bea3/attachment.pgp


More information about the Secure-testing-team mailing list