* The GNU C Library has been authorized by the CVE Program as a CVE Numbering Authority (CNA)
@ 2024-02-07 18:41 Carlos O'Donell
0 siblings, 0 replies; only message in thread
From: Carlos O'Donell @ 2024-02-07 18:41 UTC (permalink / raw)
To: libc-announce
The GNU C Library (glibc) is a key part of the trusted foundation
in a secure and high-quality software supply chain and is used
by the GNU Toolchain, the GNU system, and many of the GNU/Linux
systems today.
In an ongoing effort to improve security, the project has been
authorized by the CVE Program as a CVE Numbering Authority (CNA):
https://www.cve.org/Media/News/item/news/2024/02/06/GNU-C-Library-Added-as-CNA
As a CNA the glibc security team will be working to improve the
quality and response time of security advisories and mitigations.
Over the coming months, the glibc security team will define the
process for the CNA and establish best practices that can also
be used by the rest of the GNU Toolchain.
To receive notifications of new advisories please subscribe to the
glibc announcement mailing list (libc-announce):
https://sourceware.org/mailman/listinfo/libc-announce
Advisories are published directly into the glibc git repository:
https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD
For more information please see the project security documentation:
https://sourceware.org/glibc/security.html
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-02-07 18:41 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-02-07 18:41 The GNU C Library has been authorized by the CVE Program as a CVE Numbering Authority (CNA) Carlos O'Donell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).