> On Mar 12, 2017, at 4:14 AM, Alexis Ballier wrote:
>
>
> Also, it'd be nice to have something more formal for sec. cleanup:
> "After 30 days a sec. issue has been fixed, sec. team is free to
> cleanup old vulnerable versions.". I've seen too much pings by sec.
> team members on old bugs for
On 3/13/17 3:10 PM, Thomas Deutschmann wrote:
> I completely disagree with that.
>
> The whole powerful lead/deputy thing is going in the wrong direction.
>
> We don't need that. Security project is nothing special and doesn't need
> a strong lead with such a power to rule the entire Gentoo pr
On 3/13/17 3:28 PM, Thomas Deutschmann wrote:
> A lead is only needed if the team can't get a decision.
>
> Saying that the team could call for re-election if they don't like
> lead's decision is ridiculous from my view: Like said it isn't the lead
> who controls the direction. It is the lead who
Rick a very good message (and well thought out).
On 3/13/17 4:33 PM, Rich Freeman wrote:
> On Mon, Mar 13, 2017 at 3:28 PM, Thomas Deutschmann wrote:
>
> The two areas that I see as possibly pushing security towards being a
> special project are:
> 1. Masking or otherwise directly touching pack
We have a package that is currently under the Project:Net-Mail that is
in need of a maintainer that has a security vulnerability against it.
Does anyone want to pick it up?
- mail-client/squirrelmail
Thank you,
BlueKnight
signature.asc
Description: OpenPGP digital signature
Rich,
Core should be fine to have a system that at least boots. And security
still tracks ~arch's to get the system secured by removing vulnerable
packages as time permits.
We can not have an arch though blocking the security of the whole
distribution because we can not call for cleanup or releas
ed be.
>
So just to be clear, any developer can rekeyword a package to ~ppc?
--
Yury German
Email: bluekni...@gentoo.org
GPG Fingerprint: 8858 89D6 C0C4 75C4 D0DD FA00 EEAF ED89 024C 043
signature.asc
Description: OpenPGP digital signature
:
> If there really is a dedicated team up
> to the task and demonstrably active in keywording/stablereq'ing, we can
> reconsider.
--
________
Yury German
Gentoo Security Team Lead | Gentoo Infrastructure | Planet Gentoo
Email: bluekni...@gentoo.org
GPG Fingerprint: 8858 89D6
arches and just follow a more relaxed policy for non-stable
packages.
For those not familiar, we (security) only need to have the package in
tree and the vulnerable packages dropped, which is easily accomplished
by the maintainer with no need for arches to get involved.
Yury German (BlueKnight
status
____
Yury German
Gentoo Security Team | Planet Gentoo | Gentoo Infrastructure
Email: bluekni...@gentoo.org
GPG Fingerprint: 8858 89D6 C0C4 75C4 D0DD FA00 EEAF ED89 024C 043
> On Sep 13, 2017, at 4:03 AM, Sergei Trofimovich wrote:
>
signature.asc
Description: Message signed with OpenPGP
know. As we would have to find
a replacement.
If you have any questions please feel free to contact me directly or
"pla...@gentoo.org"
--
Yury German
GLSA Coordinator | Gentoo Security Team
Administrator | Planet Gentoo
Email: bluekni...@gentoo.org
GPG Fi
ng it run since I have
> a ton of blog posts that I want to make sure appear on planet.gentoo.org.
And with that... Anthony (Blueness) is part of the official planet team.
Welcome aboard!
--
Yury German
GLSA Coordinator | Gentoo Security Team
Administrator | Planet Gent
/output/genrdeps/dindex/app-text/htmltidy
https://qa-reports.gentoo.org/output/genrdeps/rindex/app-text/htmltidy
__
Yury German
GLSA Coordinator | Gentoo Security Team
Administrator| Planet Gentoo
Email: bluekni...@gentoo.org
GPG Fingerprint: 8858 89D6 C0C4 75C4 D0DD
On 6/5/16 8:02 PM, Patrice Clement wrote:
> Sunday 05 Jun 2016 19:39:26, Yury German wrote :
>> app-text/htmltidy currently has no maintainers. It has a vulnerability
>> [Security Bug] filed against it. And a number of other [package depend
>> on it]. Is nyone
?
On 6/6/16 10:41 AM, Raymond Jennings wrote:
> If tidy-html5 can take care of anything htmltidy can, then we can boot
> the latter as obsolete anyhow. Are there any backwards compatibility
> issues if we just punt it and let tidy-html5 take over?
>
> On Mon, Jun 6, 2016 at 7:15
future.
If you have any questions, please do not hesitate to ask.
Thank you,
Yury German
Gentoo Infrastructure - GSOC Admin
Email: bluekni...@gentoo.org
Hello All,
The projects that the contributors along with a group of mentors will be
working on are:
- musl support expansion (focusing on KDE)
- musl support expansion (focusing on GNOME)
- RISC-V support for Gentoo Prefix
- Refining ROCm Packages in Gentoo
As part of the introduction to the Ge
and impart your wisdom about Gentoo.
> On Jun 3, 2022, at 2:24 PM, Yury German wrote:
>
Thank you,
BlueKnight
Hello All,
The registration period for Google Summer of Code is coming up soon. To
continue on with running Gentoo Summer of Code we need some assistance with the
project.
The following roles are needed:
1. Admin Role - To help run the project I need co-admins to help run the
project. Google
://summerofcode.withgoogle.com
[2] Gentoo GSoC Blog - https://blogs.gentoo.org/gsoc/
Thank you,
BlueKnight
Yury German
Planet Gentoo | Gentoo Infrastructure | Gentoo GSoC
Email: bluekni...@gentoo.org
GPG Fingerprint: 8858 89D6 C0C4 75C4 D0DD FA00 EEAF ED89 024C 043
being able to mentor. At the current stage we will be unable to
participate in this years GSoC if we are unable to get a bigger pool of
potential mentors.
There are only 2 days left. If you are interested please let me know ASAP.
Thank you,
BlueKnight
> On Jan 11, 2023, at 8:33 AM, Y
Andreas,
I can only attempt. I am not a good programer more of a security person. I am
in the process of taking my dev tests now. But if I was going to help maintain
anything VmWare would be a prime example since I use it extensively for work
(although on Mac).
Yury German
I have talked to the YubiKey people at a few shows (BlackHat), and they
told me that they are looking at Bluetooth key store. To work with iPad
and Android.
That would be great, but the problem is programs that can use that.
On 12/28/15 10:07 AM, Kristian Fiskerstrand wrote:
>
>
> [Sent from m
Hey everyone!
The Google Summer of Code (GSoC) has announced the new application deadline for
organizations. Gentoo needs to submit their application with proposed projects
by February 11th. They’ve specifically requested more “Security and AI/ML”
projects for GSoC.
We’re seeking volunteers to
24 matches
Mail list logo
