dc9 - 0.5
DebConf9
| Speakers | |
|---|---|
|
Micah Anderson |
| Schedule | |
|---|---|
| Day | DebConf day 6 (2009-07-29) |
| Room | BOF room - no video |
| Start time | 16:00 |
| Duration | 01:00 |
| Info | |
| ID | 521 |
| Event type | bof |
| Track | DebConf Unofficial |
| Language | en |
| Feedback | |
|---|---|
|
Did you attend this event? Give Feedback |
Security BOF
This is a discussion amongst the involved security people at Debconf. It is not a presentation, but rather a work group discussion. The focus will be around improving the existing security work in Debian.
This BOF will discuss things such as the following:
more members for testing-security, how do we get new people in? I think we have becoming pretty good in maintaing the tracker recently but we really lack of people who also fix bugs and write patches
testing migration, almost no one cares about testing migration at the moment which is one of the reasons we don't have security support for testing at the moment
testing security support, what needs to be done and how can we solve the current problems.
Debian as a CNA, while we can assign CVE ids the current workflow is far from perfect, we have large delays sometimes getting CVE ids and I think binding this to one person is a rather bad idea.
how to push for enabling more hardening compile options in squeeze
moving infrastructure to the new KVM instance (currently the testing-security infrastructure is spread over three non debian.org hosts)
tracking of packages that got into testing/unstable from proposed upgrades (and how to detect if the maintainer uploads a vulnerable version again)