From nobody Mon Jun 8 09:26:47 2026 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYms10Ktjz6fhc5 for ; Mon, 08 Jun 2026 09:27:01 +0000 (UTC) (envelope-from alice@freebsdfoundation.org) Received: from mail-yw1-x1134.google.com (mail-yw1-x1134.google.com [IPv6:2607:f8b0:4864:20::1134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYmrz6YyXz3khZ for ; Mon, 08 Jun 2026 09:26:59 +0000 (UTC) (envelope-from alice@freebsdfoundation.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=freebsdfoundation.org header.s=gfnp-20170908 header.b=Zxr9Sjpq; dmarc=pass (policy=none) header.from=freebsdfoundation.org; spf=pass (mx1.freebsd.org: domain of alice@freebsdfoundation.org designates 2607:f8b0:4864:20::1134 as permitted sender) smtp.mailfrom=alice@freebsdfoundation.org; arc=pass ("google.com:s=arc-20240605:i=1") Received: by mail-yw1-x1134.google.com with SMTP id 00721157ae682-7e3b2a435ecso36157997b3.1 for ; Mon, 08 Jun 2026 02:26:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1780910818; cv=none; d=google.com; s=arc-20240605; b=LtnrUxDiLdpvSo6ekUYRYGucVrjiiu6nHODiedWt4RXcNfGy3MXp/1V83XVVs/NG4C OiI6ZLo5JgjX61ghHao330dcNju3yKG2IwOj0k52wZeMB7APAxr32lqKKeK9CyeH8W/3 bBZmFNHX+6wUqLNbQ/QQA+khEHtxZe/xoPW5YJORwuKzLFqPVYXsEVRa5djiv0lOVbBH XPDAdyQNugnFH42h0HwQpudZDRkF0RMZs+czfyaOcPMVbxNlV69xJYK+Dev6AdI9X73G gMcKd8pf7bG+fizteNaeA+vhRInuH8Zx/kwz6yxeAudJeAuQk7Y49b1yB5lsoGZEYYPJ go7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:mime-version:dkim-signature; bh=Y6RJ2nv538onIlT6t+XNSsoGS7mIZxo16XYjusUGUGw=; fh=8X/fzy6oRkinpO/u1+30mH2eQUCHV465yZU8zsG9ReM=; b=AnjX4Xjf/NEZPxe0jiYqkS9n0QgWTddIaepEmh1ogzqgUyDWMoV+SQQ4qkjbj3HuLC EUTGZHsCpLTPsEoHLcXtwjH49Y/7OiwVd5p/BJlfFPvrht2SsOjZLid8+cGYDdTNtyjY jyt8IiTiHzepIEbtQNgrpkIdzg4gPW3mGIOiOFH0vhuNcA3F4ugNmHHkwizdzE/TbJET KdC3wmCvaHzu9KwnfM7UQz5nJJMqDqXqvZ1UQabsR+dY6dMMAd51ZpE51/rWgK0Vcz8v DVaAsXYSytiD16J4UqbzqBjAgZhvFYRQaq8jBW3ipYEzo1a3IBEEBsnlrVxs1qvG7pI/ Oq3w==; darn=freebsd.org ARC-Authentication-Results: i=1; mx.google.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsdfoundation.org; s=gfnp-20170908; t=1780910818; x=1781515618; darn=freebsd.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=Y6RJ2nv538onIlT6t+XNSsoGS7mIZxo16XYjusUGUGw=; b=Zxr9SjpqaWRselYfMKDjKq364Rhxx2xlLJ1gm3ZeXuVfzNvBR3IJyRRM3UY7FaedQj fQUhPMsy2aY0IayHKSpjzj/8o4SC0FnHALC13wPB6EKcUhhE/0O/+7C8Eq6Ew41370Sq /yma8JOWacNab8dDQV2HtqXADi+l5Q1jJDgkgZLUyJPFE+g4F6LKXpMt//vS/K0PkloC 5p66iXRMU3O6wkBzEiAAMW9B+hIC8kua0mKQoIAWBmymG00vGzArSs8uegP8RZOC8Cjm bWmtHinIVzEku0ik36wT4bXGoeuhBAEHjv2MHxh8EdcXqWrbivVpz4s9/QIlg4yZ/AMB 2/Qg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1780910818; x=1781515618; h=to:subject:message-id:date:from:mime-version:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Y6RJ2nv538onIlT6t+XNSsoGS7mIZxo16XYjusUGUGw=; b=XqEXBANWhaqaM6IPCOQUVgMrBbMKFbwCamqqueph3MmzN4p2FBZLWktGy5wqZa93Dl tV6UJKaD3+kv822QM+ZhtoQtAFcov5yEDJr2BIMAQg5+AL1PP3MP3mmdG25IJPMx7U99 X8nC9FRW6o/ymsyzDz3ARWvlLKfHOq098RtS++/gl1/GAMhQz+FKQjxUuIuWXFQgXdOp 9nVPt9Yj7k0izHrtRRpKoejfvCr3HYeKAyAhvWz7+Dgx8M7OcU7Ls89q16kvkIV2hzH0 MW3l3dXSJdjGTmThQM3lntkbyL0KiZoYhIL81HOTy6VUMpRCrTl5PVAKMeF4jULj/r8h hPYw== X-Gm-Message-State: AOJu0YzzaSBgD3s7Pdi+1qO5DfZ9OMjWk2O9u1aVgUSQ33FgUTW5Mjgf 52M8ymn3++hdmjnni784cC/1YoW+hw8EtARDcAVfu2KvYoCtJtInfXlyr8z2Bw4dGJ03qrk1/Lh Z+XDJf5K/QVCzXOlrIVqYi8FKoLNrQyaukfoQ5HLX1p8xgzfCN0gApjdsJXqV X-Gm-Gg: Acq92OHeTfZCDQ0hkk9eicmZaAqkMerOw9RykV/nWr2hXyZLIV5mxSAtDwebyr0pcIJ NK74a4CeRoGUAbE7MetTU4yom2M82Wnka5Dhvl0lfguB2Ab1Va/jgnCTDl6g6CnRltuPUPy018c KlGZKU78Is4EWVaDlTlKRx/Ov8k/AS9ehHf8PtLLUV8Ps503TH60JfzAb+b5YB0Lop5BrMjTKyF qG/IhUggitKc6gRie99eQ6ApW28Bjsjl1xzq5Y069ElelDI8uYg6kL7m1ybxAGaE5msAcFtFeE0 Y+5YQrmq+5sYXr9EYLb5CifVy/BjN6aczg8ORO2F0apznrk2R4/k37SHCRLwR2zykjEMwUlGa83 Tkmw+j2RmkrxXJJLute5gjHAGRPWP5+zXs5fkplXT9t72VLTSjbUXsGX1GA== X-Received: by 2002:a05:690c:6f0b:b0:7a3:7ad3:3e9e with SMTP id 00721157ae682-7ed0c3315e2mr130591447b3.32.1780910818125; Mon, 08 Jun 2026 02:26:58 -0700 (PDT) List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-security@freebsd.org Sender: owner-freebsd-security@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 From: Alice Sowerby Date: Mon, 8 Jun 2026 10:26:47 +0100 X-Gm-Features: AVVi8Ccyg3ZL1isit_PtimNUz45o2umDEB2oOuO9fs4drmrb6Zet2fJxXXdDNsk Message-ID: Subject: New Open Consultation - EU Cyber Resilience Act To: freebsd-security@freebsd.org Content-Type: multipart/alternative; boundary="000000000000b0f3b40653ba9c32" X-Spamd-Result: default: False [-5.00 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; ARC_ALLOW(-1.00)[google.com:s=arc-20240605:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; DMARC_POLICY_ALLOW(-0.50)[freebsdfoundation.org,none]; R_DKIM_ALLOW(-0.20)[freebsdfoundation.org:s=gfnp-20170908]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4864::/56]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MISSING_XM_UA(0.00)[]; RCVD_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[freebsd-security@freebsd.org]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1134:from]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[freebsdfoundation.org:+] X-Spamd-Bar: ---- X-Rspamd-Queue-Id: 4gYmrz6YyXz3khZ --000000000000b0f3b40653ba9c32 Content-Type: text/plain; charset="UTF-8" Hello everyone, There is a new open consultation relating to the EU Cyber Resilience Act. ___________________________________________________________ - Category: Standards - Title: Consultation on draft Technical Advisory for the Secure Use of Package Managers - Organisation: ENISA (European Union Agency for Cybersecurity) - Description: This survey invites you to comment on aspects of the advisory, including the overall approach, the coverage of update lifecycle threats, and the clarity and usefulness of recommendations across the update lifecycle. We are also interested in your thoughts on whether the technical advisory is concise enough, and where content could be refined, expanded, or removed. Your insights, whether from hands-on experience, security expertise, or general familiarity with update mechanisms, are highly valued. The results of this consultation will directly inform the final iteration of the technical advisory. - Main link: https://ec.europa.eu/eusurvey/runner/technical_advisory_update_mechanisms - Relevant to: Stewards, Maintainers, Manufacturers - Who can respond: Anyone - Shared in: freebsd-security@freebsd.org - Foundation response: The Foundation will not respond directly but has passed it to the security team for visibility. - Closing date: None given ___________________________________________________________ NOTE: this information, along with information about other open consultations, can be found at https://github.com/FreeBSDFoundation/all-projects/blob/main/Cyber%20Resilience%20Act%20Readiness/legislative-engagement/requests-for-input.md -- Alice Sowerby Part-time Technical Program Manager M +44 7787 953393 --000000000000b0f3b40653ba9c32 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello everyone,

There is a new open consu= ltation relating to the EU Cyber Resilience Act.
____________= _______________________________________________
  • Category: Standards
  • Title: Co= nsultation on draft Technical Advisory for the Secure Use of Package Manage= rs
  • Organisation: ENISA (European Union A= gency for Cybersecurity)
  • Description: Th= is survey invites you to comment on aspects of the advisory, including the = overall approach, the coverage of update lifecycle threats, and the clarity= and usefulness of recommendations across the update lifecycle. We are also= interested in your thoughts on whether the technical advisory is concise e= nough, and where content could be refined, expanded, or removed. Your insig= hts, whether from hands-on experience, security expertise, or general famil= iarity with update mechanisms, are highly valued. The results of this consu= ltation will directly inform the final iteration of the technical advisory.=
  • Main link: https://ec.europa= .eu/eusurvey/runner/technical_advisory_update_mechanisms=C2=A0
  • Relevant to: Stewards, Maintainers, Manufacturer= s
  • Who can respond: Anyone
  • Shared in:=C2=A0freebsd-security@free= bsd.org
  • Foundation response: = The Foundation will not respond directly but has passed it to the security = team for visibility.
  • Closing date: None = given
___________________________________________________________<= br>
NOTE: this information, along with information about other open cons= ultations, can be found at=C2=A0https://github.com/Fr= eeBSDFoundation/all-projects/blob/main/Cyber%20Resilience%20Act%20Readiness= /legislative-engagement/requests-for-input.md=C2=A0
--
Alice Sowerby
Part-time Technical Program Manager
M +44 7787 953393
--000000000000b0f3b40653ba9c32--