セキュリティポリシー - 3. 事件ソース
3.1 許可される事件ソース
Fink パッケージ化ソフトウェアのセキュリティ案件報告者として、ソフトウェアの問題が Mac OS X でも発生することを確認しなければならない。 報告者は、当該ソフトウェアの問題が下記のソースのいずれかで報告されていることを確認する責任を有する。
- AIXAPAR: AIX APAR (Authorised Problem Analysis Report)
- APPLE: Apple Security Update
- ATSTAKE: @stake security advisory
- AUSCERT: AUSCERT advisory
- BID: Security Focus Bugtraq ID database entry
- BINDVIEW: BindView security advisory
- BUGTRAQ: Posting to Bugtraq mailing list
- CALDERA: Caldera security advisory
- CERT: CERT/CC Advisories
- CERT-VN: CERT/CC vulnerability note
- CIAC: DOE CIAC (Computer Incident Advisory Center) bulletins
- CONECTIVA: Conectiva Linux advisory
- CONFIRM: URL to location where vendor confirms that the problem exists
- DEBIAN: Debian Linux Security Information
- EEYE: eEye security advisory
- EL8: EL8 advisory
- ENGARDE: En Garde Linux advisory
- FEDORA: Fedora Project security advisory
- FULLDISC: Full-Disclosure mailing list
- FreeBSD: FreeBSD security advisory
- GENTOO: Gentoo Linux security advisory
- HERT: HERT security advisory
- HP: HP security advisories
- IBM: IBM ERS/BRS advisories
- IMMUNIX: Immunix Linux advisory
- INFOWAR: INFOWAR security advisory
- ISS: ISS Security Advisory
- KSRT: KSR[T] Security Advisory
- L0PHT: L0pht Security Advisory
- MANDRAKE: Linux-Mandrake advisory
- MISC: generic reference from an URL
- MLIST: generic reference form for miscellaneous mailing lists
- NAI: NAI Labs security advisory
- NETECT: Netect security advisory
- NetBSD: NetBSD Security Advisory
- OPENBSD: OpenBSD Security Advisory
- REDHAT: Security advisories
- RSI: Repent Security, Inc. security advisory
- SEKURE: Sekure security advisory
- SF-INCIDENTS: posting to Security Focus Incidents mailing list
- SGI: SGI Security Advisory
- SLACKWARE: Slackware security advisory
- SNI: Secure Networks, Inc. security advisory
- SUN: Sun security bulletin
- SUNALERT: Sun security alert
- SUNBUG: Sun bug ID
- SUSE: SuSE Linux: Security Announcements
- TRUSTIX: Trustix Security Advisory
- TURBO: TurboLinux advisory
- VULN-DEV: Posting to VULN-DEV mailing list
- VULNWATCH: VulnWatch mailing list
- XF: X-Force Vulnerability Database
- CVE: CVE Candidates
上記のキーワードは CVE 推奨キーワード一覧による。