incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Malte Timmermann <malte.timmerm...@oracle.com>
Subject Re: [securityteam] Re: [DISCUSS] Creation of ooo-security list (was Re: OpenOffice Security Vulnerability Reporting)
Date Mon, 11 Jul 2011 13:00:06 GMT
+1 for having ooo-security@incubator.apache.org, because

- old OOo mailing lists will probably die some day
- other people are now participating in Apache OOo, who don't work
  on OOo/LO
- (Old) OOo doesn't release security updates anymore, I guess.

I am still on vacation until 06/25. That the reason for answering so
late, and please moderate this for ooo-dev@i.a.o, as my Oracle address
in not subscribed or in my alias list.

For initial members of the new list, we should use the people subscribed
to the closed OOo and LO security lists - where is a very big overlap
anyway. And we should probably add Rob and Andrew.

Malte.

Dennis E. Hamilton wrote, On 08.07.2011 01:35:
> So perhaps the prudent thing to do is create the list and find out we don't need it,
rather than not have it and have occasion to regret it.
> 
> +1
> 
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org] 
> Sent: Thursday, July 07, 2011 07:00
> To: Rob Weir
> Cc: securityteam@openoffice.org; ooo-dev@incubator.apache.org; security@apache.org
> Subject: Re: OpenOffice Security Vulnerability Reporting
> 
> [ ... ]
> 
> Access to ooo-private@incubator.apache.org is too open for security
> issues. ooo-security@incubator.apache.org needs to be set up with access
> limited to a small, trusted set of individuals. The current subscribers
> to securityteam@openoffice.org would be a good place to start.
> 
> Mark
> 

Mime
View raw message