| ebarretto | We are aware of the recent MITRE [news](https://www.csoonline.com/article/3963190/cve-program-faces-swift-end-after-dhs-fails-to-renew-contract-leaving-security-flaw-tracking-in-limbo.html). | 09:40 |
|---|---|---|
| ebarretto | The situation is ongoing, with industry/ecosystem members (ourselves included) discussing how to proceed. | 09:40 |
| ebarretto | We will monitor the situation as it progresses and will comment once there is more clarity on its impact and path forward. | 09:40 |
| JanC | ebarretto: from what I understand there is alternative funding from CISA for now (until another solution is found) | 13:52 |
| mdeslaur | yeah, we just saw that, hopefully we'll see an official statement soon | 13:53 |
| mdeslaur | and not just news reports | 13:53 |
| JanC | :) | 13:53 |
| ebarretto | yeah, so far the "trust me" sources makes us a bit skeptical | 13:54 |
| ebarretto | also with CISA having funds cut, not sure if this is a long term solution | 13:54 |
| JanC | yes, the reports I saw were specific that this was temporary to avoid a shutdown tonight | 13:55 |
| JanC | so definitely not a long-term solution | 13:56 |
| mdeslaur | they sent $100 using venmo | 13:57 |
| ebarretto | lol | 13:58 |
| JanC | probably a good idea for the future to work with a combination of multiple projects/organisations like e.g. EUVD/ENISA and similar also | 13:59 |
| mdeslaur | yes, definitely | 13:59 |
| mdeslaur | still waiting to see who is behind https://www.thecvefoundation.org/ | 14:00 |
| JanC | yeah, they should be independent and trustworthy for sure | 14:04 |
| ebarretto | JanC: it might be official now https://www.cisa.gov/ | 15:01 |
| ebarretto | even though not clear what it means | 15:01 |
| tomreyn | this must be related to april being the National Supply Chain Integrity Month | 15:05 |
| tomreyn | also emergency communications month | 15:05 |
| tomreyn | hope they'll prevail, and can sometime ensure reliable funding. :-/ if it doesn't work out, EU's ENISA has 15 (also not too well paid) FTEs working on their vulnerability DB and related tasks nowadays. | 15:08 |
| === ChanServ changed the topic of #ubuntu-security to: Mastodon: @ubuntusecurity@fosstodon.org || https://usn.ubuntu.com || https://wiki.ubuntu.com/SecurityTeam || https://wiki.ubuntu.com/Security/Features | " || Matrix: https://matrix.to/#/#release:ubuntu.com" | ||
| === ChanServ changed the topic of #ubuntu-security to: "Mastodon: @ubuntusecurity@fosstodon.org || https://usn.ubuntu.com || https://wiki.ubuntu.com/SecurityTeam || https://wiki.ubuntu.com/Security/Features || Matrix: https://matrix.to/#/#release:ubuntu.com" | ||
| === ChanServ changed the topic of #ubuntu-security to: Mastodon: @ubuntusecurity@fosstodon.org || https://usn.ubuntu.com || https://wiki.ubuntu.com/SecurityTeam || https://wiki.ubuntu.com/Security/Features || Matrix: https://matrix.to/#/#security:ubuntu.com | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!