KnowledgeBase
ContentsBRTableOfContents |
This page is still very much place-holder. If you have time, please update it with more information.
Security updates
Vulnerability Resources
[https://launchpad.net/ubuntu-cve-tracker Ubuntu CVE tracker]
[http://cve.mitre.org Common Vulnerabilities and Exposures] (CVEs)
[http://nvd.nist.gov/nvd.cfm National Vulnerabilities Database]
[http://oss-security.openwall.org Open Source Software Security]
Update processes
[:SecurityUpdateProcedures: Security Update Procedures]
[:StableReleaseUpdates] (SRU)
[https://help.ubuntu.com/community/UbuntuBackports Backport Requests]
Update techniques
- How to handle backporting security updates
- How to test the update
[https://code.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master QA Regression Testing]
- Proof of Concept (PoC)
- Build test suites (eg, 'make check')
- ABI compatibility (eg, check-symbols, nm)
- Checklists
Policies
(FAQ could link to KnowledgeBase)
- policy on local DoS
- policy on root passwords/sudo
- policy on open network ports
- policy on sudo
- policy on home directory permissions
Features
["AppArmor"] docs
- ["SELinux"] docs
Problems
[:DebuggingSecurity] for bug reports
[:DebuggingApparmor] for bug reports dealing with ["AppArmor"] profiles