Subject: Re: CERT bulletins not including NetBSD?
To: Todd Vierling <firstname.lastname@example.org>
From: Dave Burgess <email@example.com>
Date: 09/20/1997 10:36:38
> Once again a CERT bulletin goes out without NetBSD in the vendor list. Do
> we have a representative that responds to security issues, particularly one
> CERT knows to contact when a vulnerability is discovered? Are we looking
> for someone to take on the responsibility? (I'm not offering, at least not
> yet. :)
> It would be good to see NetBSD mentioned in these bulletins, especially with
> so many people out there still running 1.1, 1.2, and 1.2.1, that are not yet
> on -current. NetBSD *needs* to be on their "vendor list."
I would be glad to act as the focal point for these. While I'm actually
not well equiped to DO anything about them, I have worked on security
stuff with 386BSD and NetBSD in the past.
In another life, I've also been a security manager at a Major Command
for a large arm of the US Department of Defense.
Dave Burgess Network Engineer - Nebraska On-Ramp, Inc.
*bsd FAQ Maintainer / SysAdmin for the NetBSD system in my spare bedroom
"Just because something is stupid doesn't mean there isn't someone that
doesn't want to do it...."