[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v2 SECURITY-POLICY 7/9] Clarify and fix prior consultation text
The prior consultation clause should applies to all disclosure exceptions. The list end appears to have been moved by mistake. So put it back. Also, no longer suggest that predisclosure list members should consult with the discoverer, since the discoverer is not generally known to predisclosure list members. Signed-off-by: Ian Jackson <ijackson@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> --- security_vulnerability_process.html | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/security_vulnerability_process.html b/security_vulnerability_process.html index 2d32e51..7412652 100644 --- a/security_vulnerability_process.html +++ b/security_vulnerability_process.html @@ -200,9 +200,10 @@ partners:</p> <li>the impact, scope, set of vulnerable systems or the nature of the vulnerability</li> <li>revision control commits which are a fix for the problem</li> - <li>patched software (even in binary form) without prior - consultation with security@xenproject and/or the discoverer.</li> + <li>patched software (even in binary form)</li> </ul> +without prior +consultation with security@xenproject. <p>List members are allowed to make available to their users only the following:</p> <ul> -- 1.7.10.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |