Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20110403205955.GA8811@openwall.com>
Date: Mon, 4 Apr 2011 00:59:55 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: Closed list

On Sat, Apr 02, 2011 at 05:25:11PM -0400, Elliot Peele wrote:
> I was on vendor-sec via the security@...th.com exploder as a representative of rPath and rPath Linux.
> 
> pub   1024D/05C54D73 2002-07-02 Elliot Peele <elliot@...th.com>
>  Primary key fingerprint: 00F5 0BEE 168B C07E C49E  AEC8 992A A820 05C5 4D73

Tentatively subscribed (although Elliot reported an issue with list
messages arriving to him, which we'll try to figure out off-list).

Elliot - can you please post an URL with info on rPath Linux security
response?  I went to http://www.rpath.com but could not easily find
anything relevant.  There's an entry for rPath on the oss-security wiki:

http://oss-security.openwall.org/wiki/vendors#rpath-inc

It has a link to the security-announce mailing list.  The archive has a
message in Feb 2011 ("kernel" update on 2011-02-07) and a message in Dec
2010 ("gnupg" update on 2010-12-06).  Nothing in Nov (but a bunch of
updates in Oct).  This gives us two security updates in 5 most recent
months.  Naturally, I am not convinced that you should be on the list,
but I'd be happy to be convinced once we start using the list.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.