|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Security vulnerability process, and CVE-2012-0217
On Tue, 3 Jul 2012, Matt Wilson wrote: > > Looking at the existing pre-disclosure list shows that it contains > > parties from all groups. This opens Xen.org up to criticism that some > > members of the pre-disclosure have an uncertain advantage, which has > > already been highlighted earlier in this discussion. > > I think that reworking the membership criteria and a transparent > membership request process, similar to how subscribe / unsubscribe > requests to the "distros" and "linux-distros" mailing lists [3], can > solve this. Or, address it as well as the distro lists have. I agree. As we can see from the list at http://oss-security.openwall.org/wiki/mailing-lists/distros both big companies like Oracle and very small, entirely not-for-profit, groups like Frugalware are present. Therefore I think that the size of the company or the entity that is applying for subscription should NOT be the criteria to based the acceptance upon. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |