Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Mon, 18 Feb 2008 11:57:27 -0900
From: Jonathan Smith <smithj@...ethemallocs.com>
To:  oss-security@...ts.openwall.com
Subject: FAQ for upstream maintainers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Since my main goal (I understand if your goals differ, but they
certainly should not conflict) for this list is to provide a way for
upstream to coordinate with the vendors, I'm going to start a FAQ or
tutorial or whatever dedicated to what upstream should do when they get
a report from a user about a security issue.

Basic rough draft:
http://oss-security.openwall.org/wiki/whattodo

I'm sure it can use some cleanup... Ideas, submissions, etc welcome!
Also quite welcome would be someone with wiki-fu prettying up the page :-)

	smithj

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (GNU/Linux)

iEYEARECAAYFAke58TcACgkQCG91qXPaRem2RACgh5bZX+OJ/luJGcXQRybsn1yS
GHEAnj8tglycXD8SS+ta4asn1OdYCuyO
=KMsb
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux