Do you rely on mailing lists or news articles for security vulnerabilities? Please share.

I only got to know about xz/liblzma [1] and curl [2] [3] vulnerabilities through lemmy (maybe because of high severity?).


  1. 1 ↩︎

  2. 2 ↩︎

  3. 3 ↩︎

  • Brunacho
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    8 months ago

    My distribution (archlinux) notifies of critical vulnerabilities that require user action. There’s a news mailing list.

    After that I rely on social network (Mastodon mostly) or lemmy for news, as vulnerabilities often get some conversation. Apart from that, software i’m really interested in I also follow through RSS so I get news when they update for their vulnerabilities -that is when the vulnerabilities are not self inflicted as the xz case-.