[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Security vulnerability process, and CVE-2012-0217 [vote?]


  • To: xen-devel@xxxxxxxxxxxxx
  • From: Lars Kurth <lars.kurth@xxxxxxx>
  • Date: Mon, 24 Sep 2012 12:25:55 +0100
  • Delivery-date: Mon, 24 Sep 2012 11:26:21 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi,

Does anybody have any objections to Ian's changes in this patch series? None of these appear significant changes. In line with the decision making process, I would be happy to apply. But, I am also happy to run this through a vote.

The patch series was
[PATCH 1/6] Clarify what info predisclosure list members may share during an embargo
[PATCH 2/6] Clarifications to predisclosure list subscription instructions
[PATCH 3/6] Clarify the scope of the process to just the hypervisor project
[PATCH 4/6] Discuss post-embargo disclosure of potentially controversial private decisions
[PATCH 5/6] Patch review, expert advice and targetted fixes
[PATCH 6/6] Declare version 1.3 ... that would have changed to 1.4 as we added CentOS to the pre-disclosure list in 1.3

Best Regards
Lars

On 23/08/2012 11:37, Ian Campbell wrote:
On Tue, 2012-06-19 at 19:16 +0100, Ian Jackson wrote:
[...]
More minor policy questions
---------------------------
[...]
Lacunae in the process
----------------------
I've prepared a series of patches to the policy[0] which implement most
(but not all) of what was suggested in these two sections. I think they
are largely uncontroversial, but please do holler if you disagree or
want to suggest further improvements..

I'm not at all sure that patches are the best way to present this but there
we are.

Ian.

[0] http://www.xen.org/projects/security_vulnerability_process.html







_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.