[CentOS-devel] The CentOS Security Response Team
Karanbir Singh
kbsingh at centos.orgTue May 20 15:15:09 UTC 2014
- Previous message: [CentOS-devel] [off-list ] Re: moving t_functional and other repos from gitorious to git.c.o
- Next message: [CentOS-devel] The CentOS Security Response Team
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, As SIG's come up and move forward - we are going to need to have a better established, documented and process driven security response team. While we can, in a pinch, reach into and request some resources from the RedHat SRT, they are in no way bound to help or even be involved in the overall CentOS Ecosystem - and we should really setup our own group to handle these requests. In the past conversations we had thought of setting up a group of maybe 3 to 5 people, who can triage and communicate with the respective groups of people responsible for the code or infra in question. This would not only include centos resources, but also be the contact point for upstream security notices from projects associated with us. In this case, they would be the people managing security at centos.org - with that email address being the primary contact for projects in the SIG's upstream as well. We would also then setup a private security mailing list. thoughts ? comments ? feedback ? -- Karanbir Singh, Project Lead, The CentOS Project +44-207-0999389 | http://www.centos.org/ | twitter.com/CentOS GnuPG Key : http://www.karan.org/publickey.asc
- Previous message: [CentOS-devel] [off-list ] Re: moving t_functional and other repos from gitorious to git.c.o
- Next message: [CentOS-devel] The CentOS Security Response Team
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list