KnowledgeBase
Differences between revisions 2 and 19 (spanning 17 versions)
964
Comment:
|
2653
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
[[Include(SecurityTeam/Header)]] | <<Include(SecurityTeam/Header)>> |
Line 3: | Line 3: |
||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;">'''Contents'''[[BR]][[TableOfContents]]|| | ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>|| |
Line 5: | Line 5: |
== Security updates == | |
Line 6: | Line 7: |
=== Announcements === * Official [[https://www.ubuntu.com/usn/|Ubuntu Security Announcements]] * Unofficial translations of Ubuntu Security Announcements: * [[http://blogs.media-tips.com/bernard.opic/category/ubuntu-security-notices/|French]] |
|
Line 7: | Line 12: |
{{{This page is still very much place-holder. If you have time, please update it with more information.}}} | === Vulnerability Resources === * [[https://launchpad.net/ubuntu-cve-tracker|Ubuntu CVE tracker]] * [[http://cve.mitre.org|Common Vulnerabilities and Exposures]] (CVEs) * [[http://nvd.nist.gov/nvd.cfm|National Vulnerabilities Database]] * [[http://oss-security.openwall.org|Open Source Software Security]] |
Line 9: | Line 18: |
=== Update processes === * [[SecurityTeam/UpdateProcedures| Security Update Procedures]] * [[StableReleaseUpdates/MicroReleaseExceptions]] * [[StableReleaseUpdates]] (SRU) * [[https://help.ubuntu.com/community/UbuntuBackports|Backport Requests]] |
|
Line 10: | Line 24: |
* security updates * [:SecurityUpdateProcedures: Security Update Procedures] * Ubuntu CVE tracker link * mitre * NVD * oss-security link * Policies (FAQ could link to Knowledge{{{}}}Base) * policy on local DoS * policy on root passwords/sudo * policy on open network ports * policy on sudo * policy on home directory permissions * AppArmor docs * SELinux docs |
=== Update techniques === * [[https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures#Preparing%20an%20update|How to prepare an updated package]] |
Line 25: | Line 27: |
* good upstream patches * micro release * SRU * -backports * [:DebuggingSecurity] for bug reports |
* How to test the update * [[https://code.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master|QA Regression Testing]] * Proof of Concept (PoC) * Build test suites (eg, 'make check') * ABI compatibility (eg, check-symbols, nm) * Checklists == Policies == * [[https://wiki.ubuntu.com/DebuggingSecurity#Local%20Denial%20of%20Service|Local denial of service (DoS) policy]] * [[RootSudo|Sudo (including root password) policy]] * [[https://wiki.ubuntu.com/DebuggingSecurity#Local%20Network%20Privacy|Open network ports and local network privacy policy]] * [[https://wiki.ubuntu.com/DebuggingSecurity#Permissive%20Home%20Directory Permissions|Home directory permissions policy]] * [[ApparmorProfileMigration|Creating enforcing AppArmor profiles policy]] == Features == * [[Security/Features|Feature Matrix]] * [[CompilerFlags|Security Hardening Compiler Flags]] * [[SecurityTeam/KnowledgeBase/AppArmorProfiles|AppArmor Profiles]] * [[SecurityTeam/KnowledgeBase/BuiltPIE|Applications Built with PIE]] * [[AppArmor]] docs * [[SELinux]] docs == Process == * [[SecurityTeam/BugTriage|Bug Triage]] * [[SecurityTeam/ReleaseCycle|Release Cycle Actions]] == Problems == * [[DebuggingSecurity]] for bug reports * [[DebuggingApparmor]] for bug reports dealing with [[AppArmor]] profiles |
Security updates
Announcements
Official Ubuntu Security Announcements
- Unofficial translations of Ubuntu Security Announcements:
Vulnerability Resources
Update processes
StableReleaseUpdates (SRU)
Update techniques
- How to handle backporting security updates
- How to test the update
- Proof of Concept (PoC)
- Build test suites (eg, 'make check')
- ABI compatibility (eg, check-symbols, nm)
- Checklists
Policies
Features
Process
Problems
DebuggingSecurity for bug reports
DebuggingApparmor for bug reports dealing with AppArmor profiles
SecurityTeam/KnowledgeBase (last edited 2024-04-24 13:30:26 by rodrigo-zaiden)