Security Response Team

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
m (1 revision(s))
m (fix links)
Line 5: Line 5:
 
Team members, along with their primary security related interests and competencies:
 
Team members, along with their primary security related interests and competencies:
  
* JoshBressers (Team Lead)
 
* DennisGilmore
 
* JesseKeating
 
 
* Monitoring/reporting; general packaging related issues; buildsystem related issues; all supported releases
 
* Monitoring/reporting; general packaging related issues; buildsystem related issues; all supported releases
* ChrisRicker
+
:* [[JoshBressers]] (Team Lead)
* VilleSkyttä
+
:* [[DennisGilmore]]
 +
:* [[JesseKeating]]
 +
 
 
* Monitoring/reporting; Java, Perl, Python, shell, SQL, HTML, Javascript, general packaging related issues; current FC+FE release
 
* Monitoring/reporting; Java, Perl, Python, shell, SQL, HTML, Javascript, general packaging related issues; current FC+FE release
* JasonTibbitts
+
:* [[ChrisRicker]]
* DavidEisenstein
+
:* [[VilleSkyttä]]
 +
 
 
* Working with Fedora Legacy; Monitoring/reporting; RPM packaging; interfacing with Fedora Extras
 
* Working with Fedora Legacy; Monitoring/reporting; RPM packaging; interfacing with Fedora Extras
* LukeMacken
+
:* [[JasonTibbitts]]
 +
:* [[DavidEisenstein]]
 +
 
 
* Security updates, [https://fedorahosted.org/bodhi/ bodhi] , [[LukeMacken/SecurityLiveCD|  SecurityLiveCD]]  
 
* Security updates, [https://fedorahosted.org/bodhi/ bodhi] , [[LukeMacken/SecurityLiveCD|  SecurityLiveCD]]  
* LubomirKundrak
+
:* [[LukeMacken]]
 
* Monitoring, reporting, triaging and tracking.
 
* Monitoring, reporting, triaging and tracking.
* KevinFenzi
+
:* [[LubomirKundrak]]
 
* Monitoring/reporting, EPEL security tracking.
 
* Monitoring/reporting, EPEL security tracking.
 +
:* [[KevinFenzi]]
  
 
== Goals ==
 
== Goals ==
Line 30: Line 33:
  
 
== Contacting ==
 
== Contacting ==
Email is the best way to contact the Fedora Security Response Team.  Public requests should be sent via [[MailTo(fedora-security-list AT SPAMFREE redhat DOT com)] .  Private requests may be sent to [[MailTo(security AT SPAMFREE fedoraproject DOT org)]  .
+
Email is the best way to contact the Fedora Security Response Team.  Public requests should be sent via [[MailTo(fedora-security-list AT SPAMFREE redhat DOT com)].  Private requests may be sent to [[MailTo(security AT SPAMFREE fedoraproject DOT org)]  .
  
 
=== Participation ===
 
=== Participation ===
 
Individuals with interest in the Security Response Team, or the Fedora security process should subscribe to the [http://www.redhat.com/mailman/listinfo/fedora-security-list fedora security list] .  The goal of this list is to provide a public venue for the discussion of security issues and policies regarding the various Fedora projects.  Various members of the team can also be found in the #fedora-security channel on Freenode.
 
Individuals with interest in the Security Response Team, or the Fedora security process should subscribe to the [http://www.redhat.com/mailman/listinfo/fedora-security-list fedora security list] .  The goal of this list is to provide a public venue for the discussion of security issues and policies regarding the various Fedora projects.  Various members of the team can also be found in the #fedora-security channel on Freenode.
  
----
+
 
 
[[Category:Security]]
 
[[Category:Security]]

Revision as of 08:09, 11 July 2008

The Fedora Security Response Team is currently in the creation stage. The initial purpose of the team is to track public security issues in Fedora.

Contents

Members

Team members, along with their primary security related interests and competencies:

  • Monitoring/reporting; general packaging related issues; buildsystem related issues; all supported releases
  • Monitoring/reporting; Java, Perl, Python, shell, SQL, HTML, Javascript, general packaging related issues; current FC+FE release
  • Working with Fedora Legacy; Monitoring/reporting; RPM packaging; interfacing with Fedora Extras
  • Monitoring, reporting, triaging and tracking.
  • Monitoring/reporting, EPEL security tracking.

Goals

  • Monitor various security information sources for potential security problems (old and new ones)
  • When an issue is discovered: file appropriate bugs, alerting the maintainer of the need to patch their package.
  • Maintain list of fixed and unfixed security issues in a public CVS repository (similar how it is done for core)
  • Create and post announcements for fixed packages to proper mailing lists
  • Encourage and foster public discussion of various security issues and procedures via the fedora-security mailing list.

Contacting

Email is the best way to contact the Fedora Security Response Team. Public requests should be sent via [[MailTo(fedora-security-list AT SPAMFREE redhat DOT com)]. Private requests may be sent to [[MailTo(security AT SPAMFREE fedoraproject DOT org)] .

Participation

Individuals with interest in the Security Response Team, or the Fedora security process should subscribe to the fedora security list . The goal of this list is to provide a public venue for the discussion of security issues and policies regarding the various Fedora projects. Various members of the team can also be found in the #fedora-security channel on Freenode.