From: Lars Kurth <lars.kurth@xen.org>
To: xen-devel@lists.xen.org
Subject: Re: Security vulnerability process, and CVE-2012-0217 [vote?]
Date: Mon, 24 Sep 2012 12:25:55 +0100 [thread overview]
Message-ID: <50604343.1090506@xen.org> (raw)
In-Reply-To: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
Hi,
Does anybody have any objections to Ian's changes in this patch series?
None of these appear significant changes. In line with the decision
making process, I would be happy to apply. But, I am also happy to run
this through a vote.
The patch series was
[PATCH 1/6] Clarify what info predisclosure list members may share
during an embargo
[PATCH 2/6] Clarifications to predisclosure list subscription instructions
[PATCH 3/6] Clarify the scope of the process to just the hypervisor project
[PATCH 4/6] Discuss post-embargo disclosure of potentially controversial
private decisions
[PATCH 5/6] Patch review, expert advice and targetted fixes
[PATCH 6/6] Declare version 1.3 ... that would have changed to 1.4 as we
added CentOS to the pre-disclosure list in 1.3
Best Regards
Lars
On 23/08/2012 11:37, Ian Campbell wrote:
> On Tue, 2012-06-19 at 19:16 +0100, Ian Jackson wrote:
> [...]
>> More minor policy questions
>> ---------------------------
> [...]
>> Lacunae in the process
>> ----------------------
> I've prepared a series of patches to the policy[0] which implement most
> (but not all) of what was suggested in these two sections. I think they
> are largely uncontroversial, but please do holler if you disagree or
> want to suggest further improvements..
>
> I'm not at all sure that patches are the best way to present this but there
> we are.
>
> Ian.
>
> [0] http://www.xen.org/projects/security_vulnerability_process.html
>
>
>
>
>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2012-09-24 11:25 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-19 18:16 Security vulnerability process, and CVE-2012-0217 Ian Jackson
2012-06-20 8:49 ` Jan Beulich
2012-06-20 9:45 ` George Dunlap
2012-06-20 10:32 ` Jan Beulich
2012-07-02 13:59 ` Ian Campbell
2012-07-02 14:58 ` Jan Beulich
2012-07-02 15:04 ` Ian Campbell
2012-07-02 15:17 ` Alan Cox
2012-07-02 15:20 ` Ian Campbell
2012-06-28 18:30 ` Alan Cox
2012-07-04 9:27 ` Ian Campbell
2012-07-04 10:04 ` John Haxby
2012-06-29 10:26 ` George Dunlap
2012-06-29 10:41 ` Jan Beulich
2012-07-02 14:00 ` Ian Campbell
2012-06-23 19:42 ` Matt Wilson
2012-06-28 17:45 ` George Dunlap
2012-07-02 13:59 ` Ian Campbell
2012-06-27 18:07 ` Thomas Goirand
2012-06-27 19:14 ` Alan Cox
2012-06-27 19:30 ` Sander Eikelenboom
2012-06-28 9:28 ` Lars Kurth
2012-07-02 13:58 ` Ian Campbell
2012-07-02 14:51 ` Jan Beulich
2012-07-02 14:57 ` Ian Campbell
2012-07-03 22:03 ` Matt Wilson
2012-07-04 10:33 ` Ian Campbell
2012-07-04 11:24 ` Stefano Stabellini
2012-07-04 12:36 ` George Dunlap
2012-07-04 12:52 ` Jan Beulich
2012-07-04 12:56 ` George Dunlap
2012-07-04 13:01 ` Jan Beulich
2012-07-04 13:30 ` Stefano Stabellini
2012-07-04 14:09 ` Jan Beulich
2012-07-04 15:09 ` Stefano Stabellini
2012-07-06 14:36 ` John Haxby
2012-07-06 16:39 ` Matthew Allen
2012-07-06 17:24 ` George Dunlap
2012-06-29 10:01 ` George Dunlap
2012-06-29 15:48 ` Thomas Goirand
2012-07-02 13:59 ` Ian Campbell
2012-07-02 15:13 ` Alan Cox
2012-07-03 11:12 ` George Dunlap
2012-07-03 14:18 ` Stefano Stabellini
2012-08-23 10:37 ` Ian Campbell
2012-08-23 10:37 ` [PATCH 1/6] Clarify what info predisclosure list members may share during an embargo Ian Campbell
2012-08-23 10:37 ` [PATCH 2/6] Clarifications to predisclosure list subscription instructions Ian Campbell
2012-08-23 10:37 ` [PATCH 3/6] Clarify the scope of the process to just the hypervisor project Ian Campbell
2012-08-23 10:37 ` [PATCH 4/6] Discuss post-embargo disclosure of potentially controversial private decisions Ian Campbell
2012-08-23 10:37 ` [PATCH 5/6] Patch review, expert advice and targetted fixes Ian Campbell
2012-08-23 10:37 ` [PATCH 6/6] Declare version 1.3 Ian Campbell
2012-09-24 11:25 ` Lars Kurth [this message]
2012-10-01 16:38 ` Security vulnerability process, and CVE-2012-0217 [vote?] Ian Jackson
2012-10-03 17:03 ` Lars Kurth
2012-10-04 8:39 ` Lars Kurth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50604343.1090506@xen.org \
--to=lars.kurth@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).