The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
I'm interested joining this Working Group. My Name is Morten Linderud and in my
spare-time I work on Arch Linux as part of the Reproducible Builds team,
Security team and as a packager.
I have been contributing to the security team since early 2017, and have helped
publish a few hundred advisories to our users, along with discussing security
issues in the distro. As cross-distribution collaboration is important, I made
an attempt last year to establish ##distro-security on freenode to have some
common ground with members of other Linux distributions security teams.
Currently there are member from Debian, Ubuntu, OpenSUSE, Arch, Red Hat, Void
Linux and a few other distributions present in the channel.
My main interests in contributing to this team is easier ingestion and
processing of CVE data, and easier vulnerability management for F/OSS Linux
distributions.
Apart from my F/OSS work, I have a masters degree from University of Bergen,
where I wrote about Debian supply chain security, and work as a security
engineer at BDO Cybersecurity.
Yo!
I'm interested joining this Working Group. My Name is Morten Linderud and in my spare-time I work on Arch Linux as part of the Reproducible Builds team, Security team and as a packager.
I have been contributing to the security team since early 2017, and have helped publish a few hundred advisories to our users, along with discussing security issues in the distro. As cross-distribution collaboration is important, I made an attempt last year to establish
##distro-security
on freenode to have some common ground with members of other Linux distributions security teams. Currently there are member from Debian, Ubuntu, OpenSUSE, Arch, Red Hat, Void Linux and a few other distributions present in the channel.My main interests in contributing to this team is easier ingestion and processing of CVE data, and easier vulnerability management for F/OSS Linux distributions.
Apart from my F/OSS work, I have a masters degree from University of Bergen, where I wrote about Debian supply chain security, and work as a security engineer at BDO Cybersecurity.