The OpenPKG GmbH takes software security very seriously as it is the
cornerstone of its OpenPKG Enterprise product offering. Here you find
all security related material of the OpenPKG GmbH, including the public
- Security Advisories
The OpenPKG GmbH publishes official Security Advisories (SA),
small documents summarizing a particular security issue related to
OpenPKG software packages. Snapshots of those Security Advisories
are also sent out to mailing lists in digitally signed form. Here
you will find the complete set of published Security Advisories in
their latest revisions.
- Digital Signatures
The OpenPKG Project for security reasons
digitally signs both Security Advisories and
software packages in the OpenPKG-RELEASE series.
Here you will find details about the digital
signatures and how to verify them.
- Security Incident
The OpenPKG community actively monitors the Internet community,
regularily checks information from software vendors and
participates in closed vendor security forums in order to
know as early as possible about security incidents. Nevertheless,
every OpenPKG user is called to actively report to us any
observed security incidents related to OpenPKG packages.
- Security Resources
Security Informations can be found at many
locations on the Internet. The most important
ones are summarized and linked here.