[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Re: Security vulnerability process - last call

FYI Ian J is travelling and will be back online (at least partially,
depending on connectivity at debconf) probably on Monday.

On Wed, 2011-07-20 at 06:39 +0100, Eugene Teo wrote:
> Ian Jackson <Ian.Jackson <at> eu.citrix.com> writes:
> > 3. Advisory public release:
> > 
> >    At the embargo date we will publish the advisory, and push
> >    bugfix changesets to public revision control trees.
> Perhaps be a bit more specific. At which timezone will the advisory be 
> published? For the folks in Asia Pacific, this could mean a public pre-
> disclosure of about 12 hours or more if security (at) xen is based in the 
> States.

The embargo date/time will be precise and include timezone information.

security@ is mostly based in the UK but since the embargo date is
subject to negotiation with the discoverer it is possible that the
advisory will be published during daylight hours in some other timezone.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.