[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: Security vulnerability process - last call



I wrote:
> We received some comments and based on that I have prepared a new
> final draft.  The changes ought not to be controversial.
> 
> Please send any final comments by the 28th of July (14 days from
> now).  Unless there are objections, we will regard the process as
> formally in force from that date.
...
>    Public advisories will be posted to xen-devel.

We should send these also to some more general list.  So we should
probably post them oss-security [0].

And we should document in the process that we will CC the MITRE CVE
contact address with public advisories to try to make sure that the
MITRE database is updated.

Ian.

[0] http://oss-security.openwall.org/wiki/mailing-lists/oss-security

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.