Date: Wed, 10 Jun 2015 00:07:12 -0700 From: Eitan Adler <lists@eitanadler.com> To: Mark Felder <feld@freebsd.org> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: Ports Secteam Message-ID: <CAF6rxgkuNjqScDWX=P8UiwARtxFHtpqYXs-3qgKyQha0PWXzbg@mail.gmail.com> In-Reply-To: <1433914224.244626.291502609.0C780DD0@webmail.messagingengine.com> References: <CA%2BQLa9C4e8g56dvoLqHbtPCTVFjnx-noyzj_Jm8CEz8%2BVzycKw@mail.gmail.com> <557625CA.8030206@delphij.net> <1433914224.244626.291502609.0C780DD0@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9 June 2015 at 22:30, Mark Felder <feld@freebsd.org> wrote: > > How do we make the ports-secteam effective again? Team members? > Infrastructure? New documentation and procedures? ports-secteam's scope has grown since it was created. The team needs new, active, members to be able to deal with the VuXML and quarterly branch portion of its work. We also need to creating tooling to make this easier: for instance it would be really awesome to automatically create VuXML entries from CVE/CPE data. > However, I'm not sure > "number of commits" is necessarily a valuable metric when considering > candidates... I agree. I *am* active as a ports-security member: I monitor relevent open & closed security lists for concerns that may affect FreeBSD. In addition I watch pkgng development for new security concerns. That said, I havn't committed to the ports tree very much lately. -- Eitan Adler
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgkuNjqScDWX=P8UiwARtxFHtpqYXs-3qgKyQha0PWXzbg>