[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Predisclosure-applications] Gentoo pre-disclosure application



Hi,

I'd like to request the inclusion of Gentoo Linux on the pre-disclosure
list.

Gentoo Linux (gentoo.org) is a source-based Linux distribution. We
distribute Xen in our main package repository.


Evidence of active development can be seen on our mailing lists at
    http://archives.gentoo.org/
as well as our repositories at
    http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/.

Our Xen packages can be found under

http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-emulation/xen/.
This should also serve as evidence that we do distribute Xen.

Security issues are handled by the Gentoo Security Project:
   http://www.gentoo.org/security/en/
Handling of confidential issues is described under "3. Security Team
contact information". For details regarding our internal handling of
confidential issues also see [1] and [2].

We have read and agree with the terms of the Xen Security Problem
Response Process and will not disclose any information or updated
packages during an embargo period.

Please use package-security-xen@xxxxxxxxxx for the pre-disclosure list.
This is an alias available only to members of the Gentoo Security
Project and the Xen package maintainers. The security team will make
sure that new Xen maintainers understand the policy before they are
added to the alias.

Thank you for your consideration,

Tobias Heinlein
Gentoo Security


[1]
https://wiki.gentoo.org/wiki/Project:Security/GLSA_Coordinator_Guide#Confidential_vulnerability_bug_management
[2] http://www.gentoo.org/security/en/vulnerability-policy.xml


_______________________________________________
Predisclosure-applications mailing list
Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.