[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Addition of ITL/QubesOS to the Xen security predisclosure list



The Xen.org security team received a request from Invisible Things Lab
to join the security predisclosure list.

ITL provided references to the following information regarding their
security processes:
  http://wiki.qubes-os.org/trac/wiki/SecurityPage
  http://wiki.qubes-os.org/trac/wiki/SecurityBulletins

Additionally we have previous good experiences working together with
ITL when they discovered security issues and disclosed them to us.

We therefore decided to accept this request, on the grounds that ITL
were a well-established organisation with a mature security response
process, and felt that that was a proper exercise of the discretion
granted to the security team by the process document.[1]

Since we are exercising our discretion, we felt it appropriate to make
a public statement of this particular decision.  If you have any
comments please make them here, or by emailing the team at
security@xxxxxxxx

Thanks,
Ian.

[1] http://www.xen.org/projects/security_vulnerability_process.html

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.