On Friday 26 August 2011 15:22:40 Daniel A. Avelino wrote: > > When I think about automation, I had in mind something that could help > > developers to find > vulnerabilities in a more fast way [searching and confronting CVE, for > example] and start a > "call for solution" process. I work with solutions of this type for WEB > vulnerabilities discover > and some tools are very interesting to reduce the correction time. >
We already use CVE as one of our sources of vulnerability intelligence. Finding issues is also not the real issue here. Also, actual issue correction is not our job, it's the responsibility of the package maintainer. Can you share details about the utilities you are using? Alex -- Alex Legler <a...@gentoo.org> Gentoo Security / Ruby
signature.asc
Description: This is a digitally signed message part.
