incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: Population of ooo-security
Date Tue, 02 Aug 2011 00:30:15 GMT
I'm assuming that, out of the mutual concerns we all share for the community of ODF supporters,
that it might be appropriate to suggest to a reporter that they take their report to a different
security@ address that might be more appropriate for immediate attention and action.

 - Dennis

-----Original Message-----
From: Rob Weir [mailto:apache@robweir.com] 
Sent: Monday, August 01, 2011 16:58
To: ooo-dev@incubator.apache.org
Subject: Re: Population of ooo-security

On Mon, Aug 1, 2011 at 7:40 PM, Simon Phipps <simon@webmink.com> wrote:
[ ... ]
> I don't think I understand how your response, which refers to the
> functioning of a future list once AOOo has an operational development
> process, applies to my comment, which refers to the situation now when any
> incoming security issue would probably be triaged by fixing & recommending
> use of LibreOffice.
>

The existence and staffing of ooo-security is part of AOOo
development.  It is not something outside of a development process.
Not every report we receive necessarily results in the production of
an urgent patch.  But if such a situation occurred, then we'd discuss
on ooo-security and develop a recommendation.  But regardless of the
disposition of the report, I think it is important to respect the
privacy of the reporter.

> S.
>


Mime
View raw message