Re: pkg-vulnerabilities file now in pkgsrc

To: Thomas Klausner <wiz%NetBSD.org@localhost>
Subject: Re: pkg-vulnerabilities file now in pkgsrc
From: Brook Milligan <brook%nmsu.edu@localhost>
Date: Fri, 29 Sep 2023 08:35:30 -0600

> On Sep 29, 2023, at 3:32 AM, Thomas Klausner <wiz%NetBSD.org@localhost> wrote:
> 
> Feel free to add CVE information to
> pkgsrc/doc/pkg-vulnerabilities. pkgsrc-security will monitor commits
> and upload new signed copies.

Just to be clear, the pkgsrc file will be the master version (except for signing)?  That is, the only pathway for new vulnerabilities into the signed version is through a commit to the pkgsrc file?  Is the process documented?

Cheers,
Brook

Follow-Ups:
- Re: pkg-vulnerabilities file now in pkgsrc
  - From: Thomas Klausner

References:
- pkg-vulnerabilities file now in pkgsrc
  - From: Thomas Klausner

Prev by Date: pkg-vulnerabilities file now in pkgsrc
Next by Date: Re: pkg-vulnerabilities file now in pkgsrc
Previous by Thread: pkg-vulnerabilities file now in pkgsrc
Next by Thread: Re: pkg-vulnerabilities file now in pkgsrc
Indexes:

Home | Main Index | Thread Index | Old Index