Security Support in Debian | DefConf

by Micah Anderson by Moritz Mühlenhoff
At: DebConf7 http://penta.debconf.org/dc7schedule/events/66.en.html https://debconf7.debconf.org/
The Good, the Bad and the Ugly
The talk will provide a review of security support in Debian and propose improvements in handling & infrastructure. It will also debunk some myths about security support in Debian and what maintainers need to do to fix vulnerabilities in a timely manner. It even includes a fancy graph.
Brief overview:
Review of the current security support in Debian
Comparison with other distributions
Proposed improvements
Scalability with archive growth
Supportability of applications over a full stable cycle
Best practices to act as a maintainer wrt security support
Introduction about the Security tracker
Introduction of debsecan
Possibility of enterprise security support life cycles
Security support for kernel/X11
How to prevent junk entering the archive
State of testing security support and proposed fixes
Embedded code copies
Potential security hardening features in mainline
Overview about static analysis security tools
Possibly more
Room: Upper Talk Room Scheduled start: 2007-06-19 14:00:00