Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 3 May 2007 10:04:16 -0400
From:      Bill Moran <wmoran@potentialtech.com>
To:        "darshan na" <darshan.na@gmail.com>
Cc:        questions@freebsd.org
Subject:   Re: Hello :Regarding the vulnerability
Message-ID:  <20070503100416.d3d714d4.wmoran@potentialtech.com>
In-Reply-To: <387cde1b0705030641x6e6c2de5r4e1daa45ce74eb9a@mail.gmail.com>
References:  <387cde1b0705030455p39566970uf40663721eabaeea@mail.gmail.com> <20070503083845.52414031.wmoran@potentialtech.com> <387cde1b0705030641x6e6c2de5r4e1daa45ce74eb9a@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
In response to "darshan na" <darshan.na@gmail.com>:
> Hi.
> Thanks for the reply
> I am really sorry It was my mistake for not checking properly
> After reading again I have realised that you specify the impact and
> workaround for FreeBSD releases and you provide links to their
> sources .Please correct me if I am wrong I am new to this field .

You are obviously new, but that's OK.  We all start out new.

First off, questions@freebsd.org is a mailing list for general discussion
about FreeBSD.  The fact that I responded to you post in no way identifies
me as an expert that should be exclusively consulted for further
information.  As a result, I've added questions@freebsd.org back to the
CC.

The FreeBSD project maintains a truckload of mailing lists to facilitate
collaboration within the community:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL
Of particular interest to you might be this list:
http://lists.freebsd.org/mailman/listinfo/freebsd-security

Top-posting is also generally frowned apon.

> I also wanted to know what features to you consider when publishing the
> vulnerability

Information about how the security team operates is here:
http://www.freebsd.org/security/

If you have a number of questions, I expect you'll benefit from organizing
them all into a single email and sending them (interview-style) to the
FreeBSD security officer (listed on the previous page).

Hope this helps.

> On 5/3/07, Bill Moran <wmoran@potentialtech.com> wrote:
> >
> > In response to "darshan na" <darshan.na@gmail.com>:
> >
> > >  Hi ,
> > > I am student at one of the German Universtiy and i had a task of
> > > Benchmarking the Vulenrability Providers based on the features they
> > provide
> > > and ,its really nice that you provide vulnerablity information in xml
> > format
> > > and this is really very useful to parse this information for analysis
> > > i was checking your website where advisiories are present and i could
> > not
> > > find any risk level alloted to the vulnerability
> > > It is difficult to analyse them without that , I just wanted to know is
> > > there any particular reason for this
> >
> > Did you miss section III (called "Impact") that appears in every Advisory?
> >
> > --
> > Bill Moran
> > http://www.potentialtech.com
> >
> 


-- 
Bill Moran
http://www.potentialtech.com



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20070503100416.d3d714d4.wmoran>