Re: [Formal Vote] Changes to Xen Project Security Vulnerability Process - Open until June 8th, 2015

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Lars Kurth <lars.kurth.xen@gmail.com>
Cc: keir Fraser <keir@xen.org>,
	Ian Campbell <Ian.Campbell@citrix.com>, Tim Deegan <tim@xen.org>,
	Ian Jackson <Ian.Jackson@eu.citrix.com>,
	Major Hayden <major.hayden@rackspace.com>,
	"<xen-devel@lists.xen.org>" <xen-devel@lists.xen.org>,
	security@xenproject.org
Subject: Re: [Formal Vote] Changes to Xen Project Security Vulnerability Process - Open until June 8th, 2015
Date: Mon, 1 Jun 2015 13:59:53 -0400	[thread overview]
Message-ID: <20150601175953.GJ13347@x230> (raw)
In-Reply-To: <35D18A2F-7B4B-47B8-B673-4C049D19344A@gmail.com>

On Mon, Jun 01, 2015 at 10:36:25AM +0100, Lars Kurth wrote:
> Hi,
> 
> in accordance with the project's governance, I would like to put the following text changes to a committer vote (committers are on the TO list). The discussion leading to the changes can be found at http://lists.xenproject.org/archives/html/xen-devel/2015-05/msg02881.html <http://lists.xenproject.org/archives/html/xen-devel/2015-05/msg02881.html>
> 
> Please vote +1, 0, -1 with explanation as usual. You can reply publicly or in private and I will collate results on the 9th.

+1
> 
> Regards
> Lars
> 
> Old text in http://www.xenproject.org/security-policy.html <http://www.xenproject.org/security-policy.html>
> ---
> Specific process
> ...
> 4. Advisory pre-release: 
> 
> This occurs only if the advisory is embargoed (ie, the problem is not already public): 
> 
> As soon as our advisory is available, we will send it, including patches, to members of the Xen security pre-disclosure list. 
> 
> For more information about this list, see below. At this stage the advisory will be clearly marked with the embargo date.
> ---
> 
> Proposed text (this adds an additional paragraph, while  leaving the existing text as-is):
> ---
> Specific process
> ...
> 4. Advisory pre-release: 
> 
> This occurs only if the advisory is embargoed (ie, the problem is not already public): 
> 
> As soon as our advisory is available, we will send it, including patches, to members of the Xen security pre-disclosure list. 
> 
> In the event that we do not have a patch available two working weeks before the disclosure date, we aim to send an advisory that reflects the current state of knowledge to the Xen security pre-disclosure list. An updated advisory will be published as soon as available.
> 
> For more information about this list, see below. At this stage the advisory will be clearly marked with the embargo date.
> ---

next prev parent reply	other threads:[~2015-06-01 17:59 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-06-01  9:36 [Formal Vote] Changes to Xen Project Security Vulnerability Process - Open until June 8th, 2015 Lars Kurth
2015-06-01 17:59 ` Konrad Rzeszutek Wilk [this message]
2015-06-03  9:35 ` Ian Campbell
2015-06-05 11:32   ` Lars Kurth
2015-06-05 11:43     ` Ian Campbell
2015-06-08 10:08       ` Lars Kurth
2015-06-08 10:23         ` Jan Beulich
2015-06-08 10:40   ` Ian Jackson
2015-06-09 11:06     ` Lars Kurth
2015-06-09 12:09       ` Major Hayden
2015-06-04 13:21 ` Tim Deegan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150601175953.GJ13347@x230 \
    --to=konrad.wilk@oracle.com \
    --cc=Ian.Campbell@citrix.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=keir@xen.org \
    --cc=lars.kurth.xen@gmail.com \
    --cc=major.hayden@rackspace.com \
    --cc=security@xenproject.org \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.