Pardus Linux Security

Security is a primary concern for Pardus Linux. Pardus Security team tracks security
vulnerabilities from a huge amount of resources including OSS projects, security related news groups and e-mail lists, and end-users.

Our focus is to ensure the confidentiality and security of Pardus Linux,
thus we effort to give the quickest response while keeping the system stable.

---

Keeping Your Pardus Linux Secure

To keep your system secure, you should keep your system up-to-date and
receive the latest PLSAs in order to apply PLSA instructions.

Pardus Security Team handles security vulnerabilities only in Official Pardus Linux Repositories:
Pardus 2009 Stable Repo Pardus 2008 Stable Repo

Note #1: Security is NOT handled in Pardus Contrib repository.
note #2: Pardus 2007 is no longer supported since 20 march 2009.
note #3: Pardus 2008 is security-only right now. Only security updates are handled as of the release of Pardus 2009.1. Pardus 2008 will no longer be supported with the release of Pardus 2009.2.

---

Pardus Linux Security Announcements (PLSAs)

Pardus Security Team sends out Pardus Linux Security Announcements in order to
announce new security fixes related to the packages in stable Pardus repository.

PLSAs are available in two languages (English and Turkish) and sent to specific e-mail lists:

• pardus-security (en)
• pardus-guvenlik (tr)

PLSAs are also available via a web interface:

• http://security.pardus.org.tr/en (en)
• http://security.pardus.org.tr/tr (tr)

To get the PLSAs via RSS feed:

• http://security.pardus.org.tr/en/rss/ (en)
• http://security.pardus.org.tr/tr/rss/ (tr)

The older security advisories are also available:·

• Security advisories announced in 2009: http://security.pardus.org.tr/en/2009
• Security advisories announced in 2008: http://security.pardus.org.tr/en/2008
• Security advisories announced in 2007: http://security.pardus.org.tr/en/2007
• Security advisories announced in 2006: http://security.pardus.org.tr/en/2006

---

Pardus Security Team Contact Information

Please report any instances of security vulnerability which are related with packages
in Pardus stable repository to Pardus Security Team, security@pardus.org.tr

Note: If you want to correct a published PLSA, please use Pardus bugzilla
http://bugs.pardus.org.tr with the bug number referred in the PLSA.

---

Recruitment

We are currently looking for users interested in helping to Pardus Security Team with the following jobs:

Pardus Security Testing Team

Description: Helping to Pardus Security Team with testing fixed packages in order to prevent
Application Program Interface (API) or Application Binary Interface (ABI) break issue.·

Requirements:

• Basic system architecture knowledge (dynamic/static linking)
• Availability to response within maximum 24 hours.

Contact: security@pardus.org.tr