New Security Policy Report

It has been almost 6 weeks since new policies for acting on security advisories have been in place for Manjaro.

During this period we took particular action to ‘fast-track’ updates to at least 14 packages which addressed security issues that were considered of high or critical severity. Packages affected included: firefox, antiword, mantisbt, bind, unbound, powerdns-recursor, flashplugin, nss, unrtf, glibc jasper, ntp, imagemagick and openssl.

Some more security advisories were noted as well, but special action wasn’t required as an update was already imminent.

We still have some infrastructure work to do that will help make things easier for the team and keep the public better informed, but overall the system has been working well and we hope the concerns of some especially security-conscious users have been largely or completely addressed.

Kind regards,

The Manjaro Team

Written on January 10, 2015