5885717 2000-12-21 19:17 -0500 /99 rader/ Matt Power <mhpower@BOS.BINDVIEW.COM> Sänt av: joel@lysator.liu.se Importerad: 2000-12-22 11:16 av Brevbäraren (som är implementerad i) Python Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM Externa svar till: mhpower@BOS.BINDVIEW.COM Mottagare: Bugtraq (import) <14473> Kommentar till text 5881913 av Jose Nazario <jose@BIOCSERVER.BIOC.CWRU.EDU> Ärende: listing of vendor's security-announcement lists ------------------------------------------------------------ From: Matt Power <mhpower@BOS.BINDVIEW.COM> To: BUGTRAQ@SECURITYFOCUS.COM Message-ID: <200012220017.TAA03492@theta.bos.bindview.com> In http://www.securityfocus.com/archive/1/152248, Jose Nazario <jose@biocserver.bioc.cwru.edu> wrote: > ... you should be on every >security list your vendor puts out. nearly every vendor has one. some are >just busier than others. Here are some references to many of these mailing lists (and a few references to the security web pages of vendors that don't have a mailing list specifically for security announcements). For the operating systems provided by BSDI, Caldera, Cobalt, Compaq, Conectiva, Corel, Debian, FreeBSD, IBM, MandrakeSoft, Microsoft, NetBSD, Novell, OpenBSD, Red Hat, SCO, SGI, Slackware, Sony, Sun Microsystems, SuSE, Trustix, TurboLinux, and WireX, there's information in http://razor.bindview.com/publish/papers/os-patch.html (toward the end, in the section "Discussion of Individual Vendors"). Hewlett-Packard also has a security-announcement list but the signup procedure involves a few separate steps. One posting that explains the procedure is http://www.securityfocus.com/archive/1/151712 A few more operating systems that have security-announcement lists: Stampede GNU/Linux stampede-linux-security; see http://www.stampede.org/mailinglists.php3 Yellow Dog Linux and Black Lab Linux yellowdog-updates list; see http://lists.yellowdoglinux.com/ Other operating systems where security announcements are on the web: ESWARE Linux http://www.esware.com/actualizaciones.html Kondara MNU/Linux http://www.kondara.org/errata/index.html.en LinuxPPC http://www.linuxppc.com/support/updates/security/ NCR UNIX and MP-RAS UNIX http://www.ncr.com/support/support_drivers_patches.asp?Class=sys3000 UXP/V http://www.fujitsu.co.jp/hypertext/Products/Info_process/hpc/topics/cert/top/index-e.html Other operating systems for which the vendor operates some mailing lists but apparently not one limited only to security announcements: Darwin http://lists.apple.com/mailman/listinfo/darwinos-users ESWARE Linux http://www.esware.com/lista_correo.html Kondara MNU/Linux http://www.kondara.org/mailinglist.html.en (also, there are Kondara security announcements posted to SecurityPortal's linux-security list; see http://listserv.securityportal.com/archives/linux-security.html) LASER5 Linux http://l5web.laser5.co.jp/ml/ml.html Linux From Scratch http://www.linuxfromscratch.org/services/mailinglistinfo.php MkLinux http://www.mklinux.org/mailinglists.html ROCK Linux http://www.rocklinux.org/ RTLinux http://www.rtlinux.org/mailing_lists.html Storm Linux http://www.stormix.com/resources/community/maillists_html Trinux http://trinux.sourceforge.net/faq.html It's entirely possible that someone else is already maintaining a collection of this type of information. I haven't seen it though. If there isn't yet a similar collection, I'll put together a web page next week that includes only a list of each OS vendor and the minimal information needed to get the security announcements for that OS. Matt Power BindView Corporation, RAZOR Team mhpower@bos.bindview.com (5885717) --------------------------------(Ombruten)