Do you rely on mailing lists or news articles for security vulnerabilities? Please share.

I only got to know about xz/liblzma [1] and curl [2] [3] vulnerabilities through lemmy (maybe because of high severity?).


  1. 1 ↩︎

  2. 2 ↩︎

  3. 3 ↩︎

  • Mikelius
    link
    fedilink
    arrow-up
    6
    ·
    9 months ago

    I tend to find out about vulnerabilities before it hits the news outlets from the rss feed at https://seclists.org/oss-sec/

    Other than that, I’ve got a bunch of other security feeds I follow and also have automated updates with just about everything.