mailing list archives
Re: Fwd: Apache HTTP Server 2.2.22 Released
From: Solar Designer <solar () openwall com>
Date: Wed, 1 Feb 2012 08:12:29 +0400
On Tue, Jan 31, 2012 at 07:49:05PM -0700, Kurt Seifried wrote:
On the other hand how much overlap do we want with full-disclosure/bugzilla?
You mean with full-disclosure/Bugtraq (not Bugzilla)?
I think there will be quite little overlap. Neither of these lists has
anything resembling the full set of security issues even in popular Open
Source projects posted to it - they receive small and arbitrary subsets
instead (plus lots of other stuff that would be offtopic here). With
mostly CVE requests in here, we also have an arbitrary subset (albeit I
think a larger one). If we expand that to have good coverage of at
least popular projects that many of us use, that would actually make
this list more unique.