Apr 2, 2022, 21:28 by arch-general@lists.archlinux.org: > I noticed the same thing and had the same question > > On 4/2/22 17:14, Morten Linderud via arch-general wrote: > >> On Sat, Apr 02, 2022 at 08:16:33PM +0200, kiasoc5--- via arch-general wrote: >> >>> The arch-security mailing list has not sent anything since December 2021. >>> How >>> come? Have there been 0 security fixes in packages? Is the security team >>> busy? >>> Something else? Just curious, thanks. >>> >> >> Yo, >> >> There has been several CVEs registered in the tracker but no advisory work >> has >> been done since December. This is mostly because of security team burnout and >> the tedious work that CVE tracking entails. >> Sorry to hear. Thanks for at least keeping the tracker updated. I'm guessing that's why arch-audit has not informed me of any security updates recently.
>> Getting some form of automatic CVE ignestion to the point where we don't >> need to >> deal with the manuel work it currently is would be great, but that requires a >> fair bit of work sadly :/ >>
