[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] RFC: Adding a section to the Xen security policy about what constitutes a vulnerability



George Dunlap writes ("[Xen-devel] RFC: Adding a section to the Xen security 
policy about what constitutes a vulnerability"):
> If a bug requires a vulnerable operating system to be exploitable, the
> Xen Security Team will pro-actively investigate the vulnerability of
> the following open-source operating systems: Linux, OpenBSD, FreeBSD,
> and NetBSD.  The security team may also test or otherwise investigate
> the vulnerability of some proprietary operating systems.

I like this whole document.

+1

I think the paragraph I quote above is the most difficult but it
strikes the right balance between what we can promise and what we
would like to deliver.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.