[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Security vulnerability process, and CVE-2012-0217

On Tue, 3 Jul 2012, Matt Wilson wrote:
> > Looking at the existing pre-disclosure list shows that it contains
> > parties from all groups. This opens Xen.org up to criticism that some
> > members of the pre-disclosure have an uncertain advantage, which has
> > already been highlighted earlier in this discussion.
> I think that reworking the membership criteria and a transparent
> membership request process, similar to how subscribe / unsubscribe
> requests to the "distros" and "linux-distros" mailing lists [3], can
> solve this. Or, address it as well as the distro lists have.

I agree.

As we can see from the list at


both big companies like Oracle and very small, entirely not-for-profit,
groups like Frugalware are present.
Therefore I think that the size of the company or the entity that is
applying for subscription should NOT be the criteria to based the
acceptance upon.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.