|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Security vulnerability process, and CVE-2012-0217 [vote?]
Hi,Does anybody have any objections to Ian's changes in this patch series? None of these appear significant changes. In line with the decision making process, I would be happy to apply. But, I am also happy to run this through a vote. The patch series was[PATCH 1/6] Clarify what info predisclosure list members may share during an embargo [PATCH 2/6] Clarifications to predisclosure list subscription instructions [PATCH 3/6] Clarify the scope of the process to just the hypervisor project[PATCH 4/6] Discuss post-embargo disclosure of potentially controversial private decisions [PATCH 5/6] Patch review, expert advice and targetted fixes[PATCH 6/6] Declare version 1.3 ... that would have changed to 1.4 as we added CentOS to the pre-disclosure list in 1.3 Best Regards Lars On 23/08/2012 11:37, Ian Campbell wrote: On Tue, 2012-06-19 at 19:16 +0100, Ian Jackson wrote: [...]More minor policy questions ---------------------------[...]Lacunae in the process ----------------------I've prepared a series of patches to the policy[0] which implement most (but not all) of what was suggested in these two sections. I think they are largely uncontroversial, but please do holler if you disagree or want to suggest further improvements.. I'm not at all sure that patches are the best way to present this but there we are. Ian. [0] http://www.xen.org/projects/security_vulnerability_process.html _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |