Bugtraq mailing list archives
listing of vendor's security-announcement lists
From: Matt Power <mhpower () BOS BINDVIEW COM>
Date: Thu, 21 Dec 2000 19:17:13 -0500
In http://www.securityfocus.com/archive/1/152248, Jose Nazario <jose () biocserver bioc cwru edu> wrote:
... you should be on every security list your vendor puts out. nearly every vendor has one. some are just busier than others.
Here are some references to many of these mailing lists (and a few references to the security web pages of vendors that don't have a mailing list specifically for security announcements). For the operating systems provided by BSDI, Caldera, Cobalt, Compaq, Conectiva, Corel, Debian, FreeBSD, IBM, MandrakeSoft, Microsoft, NetBSD, Novell, OpenBSD, Red Hat, SCO, SGI, Slackware, Sony, Sun Microsystems, SuSE, Trustix, TurboLinux, and WireX, there's information in http://razor.bindview.com/publish/papers/os-patch.html (toward the end, in the section "Discussion of Individual Vendors"). Hewlett-Packard also has a security-announcement list but the signup procedure involves a few separate steps. One posting that explains the procedure is http://www.securityfocus.com/archive/1/151712 A few more operating systems that have security-announcement lists: Stampede GNU/Linux stampede-linux-security; see http://www.stampede.org/mailinglists.php3 Yellow Dog Linux and Black Lab Linux yellowdog-updates list; see http://lists.yellowdoglinux.com/ Other operating systems where security announcements are on the web: ESWARE Linux http://www.esware.com/actualizaciones.html Kondara MNU/Linux http://www.kondara.org/errata/index.html.en LinuxPPC http://www.linuxppc.com/support/updates/security/ NCR UNIX and MP-RAS UNIX http://www.ncr.com/support/support_drivers_patches.asp?Class=sys3000 UXP/V http://www.fujitsu.co.jp/hypertext/Products/Info_process/hpc/topics/cert/top/index-e.html Other operating systems for which the vendor operates some mailing lists but apparently not one limited only to security announcements: Darwin http://lists.apple.com/mailman/listinfo/darwinos-users ESWARE Linux http://www.esware.com/lista_correo.html Kondara MNU/Linux http://www.kondara.org/mailinglist.html.en (also, there are Kondara security announcements posted to SecurityPortal's linux-security list; see http://listserv.securityportal.com/archives/linux-security.html) LASER5 Linux http://l5web.laser5.co.jp/ml/ml.html Linux From Scratch http://www.linuxfromscratch.org/services/mailinglistinfo.php MkLinux http://www.mklinux.org/mailinglists.html ROCK Linux http://www.rocklinux.org/ RTLinux http://www.rtlinux.org/mailing_lists.html Storm Linux http://www.stormix.com/resources/community/maillists_html Trinux http://trinux.sourceforge.net/faq.html It's entirely possible that someone else is already maintaining a collection of this type of information. I haven't seen it though. If there isn't yet a similar collection, I'll put together a web page next week that includes only a list of each OS vendor and the minimal information needed to get the security announcements for that OS. Matt Power BindView Corporation, RAZOR Team mhpower () bos bindview com
Current thread:
- OpenBSD remote root Typo Princep (Dec 18)
- Re: OpenBSD remote root joshua stein (Dec 19)
- Re: OpenBSD remote root Emre (Dec 19)
- Re: OpenBSD remote root Dan Harkless (Dec 20)
- Re: OpenBSD remote root Jose Nazario (Dec 20)
- Re: OpenBSD remote root Dan Harkless (Dec 21)
- listing of vendor's security-announcement lists Matt Power (Dec 22)
- Re: OpenBSD remote root Dan Harkless (Dec 20)
- Re: OpenBSD remote root David Damerell (Dec 20)
- <Possible follow-ups>
- Re: OpenBSD remote root Theo de Raadt (Dec 21)