[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 3/6] Clarify the scope of the process to just the hypervisor project



Other projects are handled on a best effort basis by the project lead
with the assistance of the security team.

See <20448.49637.38489.246434@xxxxxxxxxxxxxxxxxxxxxxxx>, section
    "9. Vulnerability process scope"
---
 security_vulnerability_process.html |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/security_vulnerability_process.html 
b/security_vulnerability_process.html
index ee42402..ddd88a1 100644
--- a/security_vulnerability_process.html
+++ b/security_vulnerability_process.html
@@ -77,6 +77,9 @@ if(ns4)_d.write("<scr"+"ipt type=text/javascript 
src=/globals/mmenuns4.js><\/scr
     will treat with respect the requests of discoverers, or other vendors, who
     report problems to us.</p>
 
+    <h2>Scope of this process</h2>
+    <p>This process primarily covers the <a 
href="http://www.xen.org/products/xenhyp.html";>Xen Hypervisor Project</a>. 
Vulnerabilties reported against other Xen.org projects will be handled on a 
best effort basis by the relevant Project Lead together with the security 
team.</p>
+
     <h2>Specific process</h2>
     <ol type="1">
     <li><p>We request that anyone who discovers a vulnerability in xen.org
-- 
1.7.10.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.