Differences

This shows you the differences between two versions of the page.

Link to this comparison view

mailing-lists:oss-security [2018/03/30 18:36]
solar [List Membership and Moderation] dropped links to dead third-party list archive & Twitter
mailing-lists:oss-security [2024/02/28 03:54] (current)
solar Convert links from http to https
Line 3: Line 3:
  
 The purpose of the Open Source Security (oss-security) group is to encourage public discussion of security flaws, concepts, and practices in the Open Source community. ​ The members of this group include, but are not limited to Open Source projects, distributors,​ researchers,​ and developers. The purpose of the Open Source Security (oss-security) group is to encourage public discussion of security flaws, concepts, and practices in the Open Source community. ​ The members of this group include, but are not limited to Open Source projects, distributors,​ researchers,​ and developers.
 +
  
 ===== List Membership and Moderation ===== ===== List Membership and Moderation =====
Line 10: Line 11:
 Anyone can send mail to the mailing list at <​oss-security@lists.openwall.com>,​ regardless of membership status. ​ Non-members,​ and new members will have their messages to the mailing list moderated to ensure that the discussions remain on topic and stay positive. ​ Once a person has shown themselves to be a responsible community member, their messages to the list will no longer be moderated. Anyone can send mail to the mailing list at <​oss-security@lists.openwall.com>,​ regardless of membership status. ​ Non-members,​ and new members will have their messages to the mailing list moderated to ensure that the discussions remain on topic and stay positive. ​ Once a person has shown themselves to be a responsible community member, their messages to the list will no longer be moderated.
  
-Anyone is welcome to [[http://​oss-security.openwall.org/​subscribe|subscribe to the mailing list]] by sending an empty message to <​oss-security-subscribe@lists.openwall.com>​ or entering the e-mail address on the [[http://​oss-security.openwall.org/​subscribe|subscription page]]. ​ You will be **required to confirm your subscription by "​replying"​ to the automated confirmation request** that will be sent to you.  You will be able to [[./​oss-security/​unsubscribe|unsubscribe]] at any time and we will not use your e-mail address for any other purposes or share it with a third party. ​ However, if you post to the list, other subscribers and those viewing the archives may see your address(es) as specified on your message.+Anyone is welcome to [[https://​oss-security.openwall.org/​subscribe|subscribe to the mailing list]] by sending an empty message to <​oss-security-subscribe@lists.openwall.com>​ or entering the e-mail address on the [[https://​oss-security.openwall.org/​subscribe|subscription page]]. ​ You will be **required to confirm your subscription by "​replying"​ to the automated confirmation request** that will be sent to you.  You will be able to [[./​oss-security/​unsubscribe|unsubscribe]] at any time and we will not use your e-mail address for any other purposes or share it with a third party. ​ However, if you post to the list, other subscribers and those viewing the archives may see your address(es) as specified on your message.
  
 Please note that **registration on this wiki is //​distinct//​ from mailing list subscription**;​ you're **not** automatically subscribed when you register on the wiki. Please note that **registration on this wiki is //​distinct//​ from mailing list subscription**;​ you're **not** automatically subscribed when you register on the wiki.
  
-A read-only archive of the discussions contained on the list is available to the general public [[http://​www.openwall.com/​lists/​oss-security/​|locally]],​ as well as via [[http://​marc.info/?​l=oss-security|MARC]] and +A read-only archive of the discussions contained on the list is available to the general public [[https://​www.openwall.com/​lists/​oss-security/​|locally]],​ as well as via [[https://​marc.info/?​l=oss-security|MARC]] and 
-[[http://​seclists.org/​oss-sec/​|SecLists.Org]] +[[https://​seclists.org/​oss-sec/​|SecLists.Org]] 
-([[http://​seclists.org/​rss/​oss-sec.rss|RSS feed]]).+([[https://​seclists.org/​rss/​oss-sec.rss|RSS feed]]).
 Additionally,​ there is Twitter account [[https://​twitter.com/​oss_security|oss_security]]. Additionally,​ there is Twitter account [[https://​twitter.com/​oss_security|oss_security]].
  
Line 35: Line 36:
 ===== CVE Requests ===== ===== CVE Requests =====
  
-Previously, one could request CVE IDs for issues in Open Source software from oss-security. ​ This is no longer the case.  Instead, please start by posting about the (to be made) public issue to oss-security (without a CVE ID), request a CVE ID [[https://​cveform.mitre.org|from MITRE directly]], and finally "​reply"​ to your own posting when you also have the CVE ID to add.  With the described approach you would only approach MITRE after the issue is already public, but if you choose to do things differently and contact MITRE about an issue that is not yet public, then please do not disclose to them more than [[http://​www.openwall.com/​lists/​oss-security/​2015/​04/​14/​3|the absolute minimum]] needed for them to assign a CVE ID.+Previously, one could request CVE IDs for issues in Open Source software from oss-security. ​ This is no longer the case.  Instead, please start by posting about the (to be made) public issue to oss-security (without a CVE ID), request a CVE ID [[https://​cveform.mitre.org|from MITRE directly]], and finally "​reply"​ to your own posting when you also have the CVE ID to add.  With the described approach you would only approach MITRE after the issue is already public, but if you choose to do things differently and contact MITRE about an issue that is not yet public, then please do not disclose to them more than [[https://​www.openwall.com/​lists/​oss-security/​2015/​04/​14/​3|the absolute minimum]] needed for them to assign a CVE ID.
  
 ====== Contact Information ====== ====== Contact Information ======
  
 If you experience any problems with mailing list subscription or setup, or have suggestions on improving it, please contact us at <​listadmin@oss-security.openwall.org>​. If you experience any problems with mailing list subscription or setup, or have suggestions on improving it, please contact us at <​listadmin@oss-security.openwall.org>​.
mailing-lists/oss-security.1522427764.txt · Last modified: 2018/03/30 18:36 by solar
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux