Gentoo Linux Security Project

1.  Project Description

The Gentoo Linux Security Project mission is to ensure that vulnerabilities in software accessible through Gentoo Linux Portage tree are found and fixed in a timely manner, so that our users remain protected against known vulnerabilities.

2.  Developers

All developers can be reached by e-mail using nickname@gentoo.org.

3.  Recruitment

We are currently looking for users interested in helping the project with the following jobs:

GLSA Coordinators

Job description

Helping with the coordination of security bugs and GLSAs. More information on the recruitment process can be found further down on the project page.

Contact

security@gentoo.org

Kernel Security Coordination

Contact

security@gentoo.org

4.  Subprojects

The security project has the following subprojects:

5.  Arch Security Liaisons

6.  Release Engineering Security Liaison

The current Release Engineering Security liaison is pva.

7.  Becoming a Gentoo Security developer

How to join the team

To participate in the Gentoo Linux Security Project first join the mailing list at gentoo-security@gentoo.org and sign yourself up a Bugzilla account. You may be able to talk to one of our security developers and/or users in the IRC channel #gentoo-security on irc.freenode.net for more information or just to chat about the security state of existing projects.

Candidates for the GLSA Coordinator role should read the GLSA Coordinators Guide to see what it takes to be a GLSA Coordinator. The Padawans page lists the process and status of our GLSA Coordinator recruitment efforts.

8.  Resources

Resources offered by the security project are:

• Gentoo Linux Security page
• Full list of all published GLSAs
• Vulnerability Treatment Policy
• GLSA Coordinators Guide, a guide for Security Team members
• Security padawans recruitment process and status
• Tips for searching and filtering Security bugs