[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: Security vulnerability process - last call

I wrote:
> We received some comments and based on that I have prepared a new
> final draft.  The changes ought not to be controversial.
> Please send any final comments by the 28th of July (14 days from
> now).  Unless there are objections, we will regard the process as
> formally in force from that date.
>    Public advisories will be posted to xen-devel.

We should send these also to some more general list.  So we should
probably post them oss-security [0].

And we should document in the process that we will CC the MITRE CVE
contact address with public advisories to try to make sure that the
MITRE database is updated.


[0] http://oss-security.openwall.org/wiki/mailing-lists/oss-security

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.