incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Fisher <dave2w...@comcast.net>
Subject Re: Extraordinary OpenOffice security patch (Was: [Incubator Wiki] Update of "April2012" by robweir)
Date Thu, 12 Apr 2012 21:08:42 GMT

On Apr 12, 2012, at 1:00 PM, Dennis E. Hamilton wrote:

> Yes, this was already raised on the PPMC (on March 22) as you know.  It seems to me that
the PPMC is not concerned.
> 
> It is interesting that it is thought, here, that the remedy is to add more ooo-security
subscribers from the PPMC.  That had not come up before.

Well I did raise it on ooo-private. My suggestion was to add someone who understood Linux
distributions to ooo-security ASAP. I got blowback. This  was unfortunate. Since then we've
had discussions about culture, politeness and apologies. There was some discussion about OpenOffice
and Linux distro on ooo-dev, but more in context of the AOO release plans.

My frustration about not being informed was that no one gave even the slightest notice OFFLIST
that there was a reason that certain people were asking the project questions and that things
were not as I thought and I should move on and let the world revolve. This is particularly
true since I responding with what I had every reason to believe was the project policy.

Emotions pass. What's the root cause? It's a communication problem, why was communication
blocked?

If there are individuals on a PPMC that the podling security team and Mentors feel are not
trustworthy enough that it is decided to forgo the minimal courtesy of keeping the PPMC informed
to manage the process as Dennis described then perhaps the problem is with the PPMC membership
itself.

Normally a podling will set the PMC as part the graduation resolution. Perhaps the AOO PPMC
membership needs to be revised sooner. Any advice?

Regards,
Dave


> 
> - Dennis
> 
> -----Original Message-----
> From: Ross Gardler [mailto:rgardler@opendirective.com] 
> Sent: Thursday, April 12, 2012 12:41
> To: general@incubator.apache.org; dennis.hamilton@acm.org
> Subject: Re: Extraordinary OpenOffice security patch (Was: [Incubator Wiki] Update of
"April2012" by robweir)
> 
> On 12 April 2012 17:32, Dennis E. Hamilton <dennis.hamilton@acm.org> wrote:
>> I don't think the problem is with the size of the ooo-security list membership. 
I think it is in the assumption that the [P]PMC has somehow delegated the ability to make
a release of any kind to the ooo-security team.  I don't mean slip-streaming fixes and working
off the public SVN until that happens.  I mean developing and deploying all the rest of what
accompanies an advisory along with provision of a mitigation.
>> 
> 
> Whether this is the case or not should be discussed on the ooo-dev
> lists rather than the IPMC general list. This is not an IPMC issue.
> All IPMC members are free to join that list or read its archives if
> they so desire.
> 
> Ross
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message