security-discuss  

Messages by Thread

• Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Piotr P. Karwasz
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Jarek Potiuk
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Jarek Potiuk
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Jarek Potiuk
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Mark Thomas
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Neil C Smith
  • Re: Access to code signing on GHA without a reproducible process? Piotr P. Karwasz
  • Re: Access to code signing on GHA without a reproducible process? Jarek Potiuk
• Fwd: [OFE Open Source Community List] Invitation to contribute: SBOM Implementation Guide consultation Dirk-Willem van Gulik
  • Re: [OFE Open Source Community List] Invitation to contribute: SBOM Implementation Guide consultation Kanchana Welagedara
  • Re: [OFE Open Source Community List] Invitation to contribute: SBOM Implementation Guide consultation Dirk-Willem van Gulik
  • Re: [OFE Open Source Community List] Invitation to contribute: SBOM Implementation Guide consultation Srivatsava s
  • Re: [OFE Open Source Community List] Invitation to contribute: SBOM Implementation Guide consultation Kanchana Welagedara
• Security and Release Question from NPM Project Perspective Bryan Ellis
  • Re: Security and Release Question from NPM Project Perspective Mark Thomas
  • Re: Security and Release Question from NPM Project Perspective Piotr P. Karwasz
  • Re: Security and Release Question from NPM Project Perspective Jarek Potiuk
  • Re: Security and Release Question from NPM Project Perspective Bryan Ellis
  • Re: Security and Release Question from NPM Project Perspective Jarek Potiuk
  • Re: Security and Release Question from NPM Project Perspective Piotr P. Karwasz
• Re: Reg the addressing of critical and high vulnerabilities Apache Security Team
• Releasing without disclosing a known security vulnerability Mark Thomas
  • Re: Releasing without disclosing a known security vulnerability Mark J Cox
  • Re: Releasing without disclosing a known security vulnerability Jarek Potiuk
  • Re: Releasing without disclosing a known security vulnerability Piotr P. Karwasz
  • Re: Releasing without disclosing a known security vulnerability Olle E. Johansson
  • Re: Releasing without disclosing a known security vulnerability Mark Thomas
  • Re: Releasing without disclosing a known security vulnerability G.W. Haywood
  • Re: Releasing without disclosing a known security vulnerability Olle E. Johansson
  • Re: Releasing without disclosing a known security vulnerability Christopher Schultz
• Fwd: Draft delegated act for the CRA - public consultation Dirk-Willem van Gulik
• Re: SBOM files for the Apache DB JDO Project Piotr P. Karwasz
  • Re: SBOM files for the Apache DB JDO Project Lars Francke
  • RE: Re: SBOM files for the Apache DB JDO Project Michael Bouschen
  • Re: SBOM files for the Apache DB JDO Project Piotr P. Karwasz
  • Re: SBOM files for the Apache DB JDO Project Jarek Potiuk
  • Re: SBOM files for the Apache DB JDO Project Bouschen, Michael
• New CISA SBOM requirements for public comment Craig Russell
  • Re: New CISA SBOM requirements for public comment Arnout Engelen
• SBOM tooling CVE handling Craig Russell
  • Re: SBOM tooling CVE handling Dominik Psenner
  • Re: SBOM tooling CVE handling Dave Fisher
  • Re: SBOM tooling CVE handling Piotr P. Karwasz
  • Re: SBOM tooling CVE handling Gary Gregory
  • Re: SBOM tooling CVE handling Jarek Potiuk
• CFP Community Over Code NA Mike Drob
  • Re: CFP Community Over Code NA Jarek Potiuk
• Security Track at the Community Over Code NA ? Jarek Potiuk
  • Re: Security Track at the Community Over Code NA ? Mike Drob
  • Re: Security Track at the Community Over Code NA ? Jarek Potiuk
  • Re: Security Track at the Community Over Code NA ? Christopher Schultz
  • Re: Security Track at the Community Over Code NA ? Jarek Potiuk
  • Re: Security Track at the Community Over Code NA ? Mike Drob
  • Re: Security Track at the Community Over Code NA ? Jarek Potiuk
• Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Arnout Engelen
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Olle E. Johansson
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Gary Gregory
  • Re: Legal implications of publishing VEX files Gary Gregory
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Gary Gregory
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Dirk-Willem van Gulik
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Gilles Sadowski
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Mark Thomas
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Lars Francke
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Arnout Engelen
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Jarek Potiuk
  • Re: Legal implications of publishing VEX files Piotr P. Karwasz
  • Re: Legal implications of publishing VEX files Mark J Cox
• Struts / CVE-2024-53677 Dirk-Willem van Gulik
  • Re: Struts / CVE-2024-53677 Jarek Potiuk
  • Re: Struts / CVE-2024-53677 Arnout Engelen
  • AW: Struts / CVE-2024-53677 s.goetz
  • Re: Struts / CVE-2024-53677 Mads Toftum
  • Re: Struts / CVE-2024-53677 Lukasz Lenart
• [DISCUSS] Funnding available for security for individual maintainers (follow up from last infra roundtable) Jarek Potiuk
  • Re: [DISCUSS] Funnding available for security for individual maintainers (follow up from last infra roundtable) Jarek Potiuk
• SBOM for existing project: DB JDO Craig Russell
  • Re: SBOM for existing project: DB JDO Jarek Potiuk
  • Re: SBOM for existing project: DB JDO Piotr P. Karwasz
  • Re: SBOM for existing project: DB JDO Lars Francke
  • Re: SBOM for existing project: DB JDO Arnout Engelen
• Problems with `@community` lists Piotr P. Karwasz
  • Re: Problems with `@community` lists Arnout Engelen
  • Re: Problems with `@community` lists Dirk-Willem van Gulik
  • Re: Problems with `@community` lists Dominik Psenner
  • Re: Problems with `@community` lists Olle E. Johansson
  • Re: Problems with `@community` lists Piotr P. Karwasz
• SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Andrea Cosentino
  • Re: SBOM repository & graph Jarek Potiuk
  • Re: SBOM repository & graph Gary Gregory
  • Re: SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Piotr P. Karwasz
  • Re: SBOM repository & graph Gary Gregory
  • Re: SBOM repository & graph Jarek Potiuk
  • Re: SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Jarek Potiuk
  • Re: SBOM repository & graph Lars Francke
  • Re: SBOM repository & graph Piotr P. Karwasz
  • Re: SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Jarek Potiuk
  • Re: SBOM repository & graph Lars Francke
  • Re: SBOM repository & graph Gary Gregory
  • Re: SBOM repository & graph Herve Boutemy
  • Re: SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Paul King
  • Re: SBOM repository & graph Arnout Engelen
  • Re: SBOM repository & graph Gilles Sadowski
  • Re: SBOM repository & graph Herve Boutemy
• Working list of recommendations for projects Christopher Schultz
  • Re: Working list of recommendations for projects Mark J Cox
  • Re: Working list of recommendations for projects Lars Francke
  • Re: Working list of recommendations for projects Christopher Schultz
  • Re: Working list of recommendations for projects Jarek Potiuk
  • Re: Working list of recommendations for projects Mark J Cox
  • Re: Working list of recommendations for projects Brian Demers
  • Re: Working list of recommendations for projects Jarek Potiuk
  • Re: Working list of recommendations for projects Christopher Schultz
  • Re: Working list of recommendations for projects Christopher Schultz
  • Re: Working list of recommendations for projects Piotr P. Karwasz
  • Re: Working list of recommendations for projects Gilles Sadowski
  • Re: Working list of recommendations for projects Jarek Potiuk
  • Re: Working list of recommendations for projects Piotr P. Karwasz
  • Re: Working list of recommendations for projects Gilles Sadowski
  • Re: Working list of recommendations for projects Piotr P. Karwasz
  • Re: Working list of recommendations for projects Dominik Psenner
  • Re: Working list of recommendations for projects Gilles Sadowski
  • Re: Working list of recommendations for projects Gary Gregory
  • Re: Working list of recommendations for projects Dominik Psenner
  • Re: Working list of recommendations for projects Piotr P. Karwasz
  • Re: Working list of recommendations for projects Gilles Sadowski
  • Re: Working list of recommendations for projects Jarek Potiuk
• Projects struggling to response to vulnerability reports Mark Thomas
  • Re: Projects struggling to response to vulnerability reports Jeff Jirsa
  • Re: Projects struggling to response to vulnerability reports Andrea Cosentino
  • Re: Projects struggling to response to vulnerability reports Arnout Engelen
  • Re: Projects struggling to response to vulnerability reports Jarek Potiuk
• Vulnerabilities in projects in / heading to the attic Mark Thomas
  • Re: Vulnerabilities in projects in / heading to the attic Gilles Sadowski
  • Re: Vulnerabilities in projects in / heading to the attic Mark Thomas
  • Re: Vulnerabilities in projects in / heading to the attic PJ Fanning
  • Re: Vulnerabilities in projects in / heading to the attic Gary Gregory
  • Re: Vulnerabilities in projects in / heading to the attic Phil Steitz
  • Re: Vulnerabilities in projects in / heading to the attic Jarek Potiuk
  • Re: Vulnerabilities in projects in / heading to the attic Mike Drob
  • Re: Vulnerabilities in projects in / heading to the attic Jarek Potiuk
  • Re: Vulnerabilities in projects in / heading to the attic Christopher Schultz
  • Re: Vulnerabilities in projects in / heading to the attic Jarek Potiuk
  • Re: Vulnerabilities in projects in / heading to the attic Christopher Schultz
  • Re: Vulnerabilities in projects in / heading to the attic Arnout Engelen
  • Re: Vulnerabilities in projects in / heading to the attic Jarek Potiuk
• PMC contact lists Mark Thomas
  • Re: PMC contact lists Gary Gregory
  • Re: PMC contact lists Mark Thomas
  • Re: PMC contact lists Gary Gregory
  • Re: PMC contact lists Jeff Jirsa
  • Re: PMC contact lists Dominik Psenner
  • Re: PMC contact lists Christopher Schultz
  • Re: PMC contact lists Shawn McKinney
  • Re: PMC contact lists Gary Gregory
  • Re: PMC contact lists Jarek Potiuk
  • Re: PMC contact lists Dominik Psenner
  • Re: PMC contact lists Gary Gregory
  • Re: PMC contact lists Mark Thomas
  • Re: PMC contact lists Christopher Schultz
  • Re: PMC contact lists Piotr P. Karwasz
• Tomcat security model Mark Thomas
  • Re: Tomcat security model Jarek Potiuk
  • Re: Tomcat security model Mark Thomas
• Using Github Actions Trusted Publisher for PyPI releases ? Jarek Potiuk
  • Re: Using Github Actions Trusted Publisher for PyPI releases ? Mark Thomas
  • Re: Using Github Actions Trusted Publisher for PyPI releases ? Jarek Potiuk
  • Re: Using Github Actions Trusted Publisher for PyPI releases ? Jarek Potiuk
  • Re: Using Github Actions Trusted Publisher for PyPI releases ? Gary Gregory
  • Re: Using Github Actions Trusted Publisher for PyPI releases ? Jarek Potiuk

• Earlier messages