[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [Final Community Review] Xen Security Problem Response Process v2
Dear Community Members,In the last update about the security problem response process changes (http://blog.xen.org/index.php/2012/12/17/security-disclosure-process-discussion-update), we promised a vote in mid-January. Near the end of the window, some additional changes were proposed, and we were somewhat sidetracked with launching Xen as a Linux Foundation Collaborative Project. As this process impacts many Xen users, we feel that it is prudent to run through a final week of community review (closing on Monday May 20th). The proposal can be found at http://www.xenproject.org/component/content/article/85-about-xen/138-xen-security-problem-response-process-v2-proposal.html Significant changes to the document are: - Expand eligibility of who can join the predisclosure list - Clarify definitions of who can join the predisclosure list- Clarify information that needs to be supplied when joining the predisclosure list - Change e-mail alias to security@xenprojectReview comments are to be posted in response to this thread (on xen-devel and xen-users). Please do not revisit arguments, which have been made at length in previous discussions. Hopefully, we got this right now and can move forward with a formal vote in the last week of May and get the new process implemented. Best Regards Lars _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |