Launchpad entry: none yet
Created: 2006-08-01 by JohnMoser
This spec places the vulnerability research, patching, and information diffusion aspect of the Ubuntu Security Team as a sub-team of the Ubuntu Hardened Team specified in HardenedUbuntu: the Ubuntu Hardened Vulnerability Team.
The Ubuntu Hardened Team is made up of multiple sub-teams all approaching security from a different angle using a different set of tasks. It is important to continue to be mindful of new vulnerabilities; collect or create patches; apply and release fixes; and exchange patches and security concerns with other distributions and upstream.
Any vulnerability in any package needs to be fixed.
The scope of the Ubuntu Hardened Vulnerability Team includes the following tasks:
- Monitoring various channels of information for new vulnerabilities.
Locate patches for new vulnerabilities from these channels, upstream, or other distributions, or the HardenedUbuntu/SourceAudit Team.
- Apply and release patches to correct vulnerabilities.
- Report vulnerabilities and release USNs.
A team will be created that follows the above scope.
We have these guys already, they're called the Ubuntu Security Team.
Data preservation and migration