[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Notes for Design Session: Loose ends for becoming a CNA (CVE Numbering Authorities) and other Security Team Operational Questions

To: security-team-members@xxxxxxxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxx>, committers@xxxxxxxxxxxxxx
From: Lars Kurth <lars.kurth.xen@xxxxxxxxx>
Date: Tue, 18 Jul 2017 11:55:14 +0100
Cc: Vincent Legout <vincent.legout@xxxxxxxxx>, Tamas K Lengyel <tamas.lengyel@xxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Roman Razuvayev <roman.razuvayev@xxxxxxxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Rich Persaud <rich@xxxxxxxxxxx>
Delivery-date: Tue, 18 Jul 2017 10:55:27 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

A small correction

> On 18 Jul 2017, at 11:37, Lars Kurth <lars.kurth.xen@xxxxxxxxx> wrote:
> 
> ...
> b) The alternative would be for the security team to fix issues in private 
> and bundle as we already do and pre-disclose 2 weeks before a fixed monthly 
> embargo date. The effect would be that
> b.1) information leakage is reduced as confined to the security team only
this should be "risk of information leakage is reduced as handling of 
confidential information is confined to the security team only"

Regards
Lars

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] Notes for Design Session: Loose ends for becoming a CNA (CVE Numbering Authorities) and other Security Team Operational Questions
  - From: Lars Kurth

Prev by Date: [Xen-devel] [linux-linus bisection] complete test-amd64-amd64-xl
Next by Date: Re: [Xen-devel] [PATCH 24/25 v6] xen/arm: vpl011: Add a pl011 uart DT node in the guest device tree
Previous by thread: [Xen-devel] Notes for Design Session: Loose ends for becoming a CNA (CVE Numbering Authorities) and other Security Team Operational Questions
Next by thread: [Xen-devel] [ovmf baseline-only test] 71700: regressions - FAIL
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.