Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <e2ec939c-1fa5-8619-7771-d68ee2bff13c@coreos.com>
Date: Tue, 27 Jun 2017 13:59:48 -0700
From: Euan Kemp <euan.kemp@...eos.com>
To: oss-security@...ts.openwall.com
Subject: CoreOS membership to linux-distros

Hello.

We, the Container Linux team at CoreOS[0], would like to request
membership to the linux-distros list.

We've requested membership once before[1], but at the time new members
weren't being added iirc.

Based on Solar's comments in the Stack Clash thread, this seems like a
good time to renew this discussion.


To preempt some possible questions:

Q: What’s Container Linux?
Container Linux (formerly called CoreOS) is a linux distribution for
servers which automatically updates by default; it’s generally available
and has a fairly large install base.

Q: Can you handle embargoed builds?
We have the infrastructure and experience to make embargoed
builds/releases. These have been exercised by e.g. docker CVEs in the past.

Q: Do you have an advisory page?
We don't have a more comprehensive advisory page than our release notes
(which list CVEs fixed in each version) and in some cases blog posts.
We intend to have an advisory page at some indeterminate point in the
future.


- Euan

[0]: https://coreos.com/why/
[1]: http://seclists.org/oss-sec/2016/q4/205




Download attachment "signature.asc" of type "application/pgp-signature" (852 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.