I think there are some questions we should answer about vulnerabilities.
How responsible are we for vulnerabilities on the machines deployed by our scripts?
There must be hundreds of packages across Ubuntu repos, PyPI, CRAN, Snapcraft and official/unofficial PPAs. It doesn't seem reasonable (or desirable) to monitor all of these.
Should we only be concerned with certain problems, e.g. privilege escalation?
How can we monitor vulnerabilities?
Currently we address problems we are aware of but we don't actively look for problems.
Can we monitor CVEs announced by Ubuntu and filter by type/severity?