[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [opinion] CVE-patching is not sufficient for package security patchi
From: |
Leo Famulari |
Subject: |
Re: [opinion] CVE-patching is not sufficient for package security patching |
Date: |
Wed, 24 Mar 2021 15:51:06 -0400 |
On Tue, Mar 23, 2021 at 11:54:54PM +0100, Ricardo Wurmus wrote:
> This seems to be a misunderstanding. The first step is to use the money
> we already have but cannot exchange for hardware, because
>
> - finding appropriate hardware that you can actually buy is not easy
> - hosting needs to be considered because we can’t just dump them in the
> MDC data centre where most of the Intel servers are hosted.
>
> We bought a handful of Overdrive 1000 in the past (they are no longer
> sold), and hosting was always an obstacle.
>
> While looking for ways to get the project some more money is certainly
> worthwhile, it’s really not the pressing issue here.
I volunteer to host one or two workstation-type 64-bit ARM machines.
Concretely, this would mean a Honeycomb LX2 or Ampere ALTRA workstation,
since I don't believe there are any other aarch64 workstations available
for sale.
https://www.solid-run.com/arm-servers-networking-platforms/honeycomb-workstation/
https://store.avantek.co.uk/ampere-altra-64bit-arm-workstation.html
signature.asc
Description: PGP signature
- Re: [opinion] CVE-patching is not sufficient for package security patching, (continued)
- Re: [opinion] CVE-patching is not sufficient for package security patching, Leo Famulari, 2021/03/16
- Re: [opinion] CVE-patching is not sufficient for package security patching, Léo Le Bouter, 2021/03/17
- Re: [opinion] CVE-patching is not sufficient for package security patching, Léo Le Bouter, 2021/03/17
- Re: [opinion] CVE-patching is not sufficient for package security patching, Ludovic Courtès, 2021/03/20
- Re: [opinion] CVE-patching is not sufficient for package security patching, Leo Famulari, 2021/03/23
- Re: [opinion] CVE-patching is not sufficient for package security patching, Ricardo Wurmus, 2021/03/23
- Re: [opinion] CVE-patching is not sufficient for package security patching,
Leo Famulari <=
- Re: [opinion] CVE-patching is not sufficient for package security patching, Vincent Legoll, 2021/03/24
- Re: [opinion] CVE-patching is not sufficient for package security patching, Léo Le Bouter, 2021/03/24
- Re: [opinion] CVE-patching is not sufficient for package security patching, Leo Famulari, 2021/03/24
- Re: [opinion] CVE-patching is not sufficient for package security patching, Mathieu Othacehe, 2021/03/25
- Re: [opinion] CVE-patching is not sufficient for package security patching, Leo Famulari, 2021/03/25
- Buying AArch64 hardware?, Ludovic Courtès, 2021/03/30