incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: Vulnerability fixed in LibreOffice
Date Mon, 10 Oct 2011 15:12:14 GMT
Concerning the continued use of securityteam@openoffice.org, there are two
issues

 1. It is not clear what the fate of mailing lists @openoffice.org is
going to be, and whether they are reliably-operated in the meantime.  It 
would be great to have assistance in preserving the administration of 
those lists, the @openoffice.org e-mail registration/User-ID structure,
etc., but at the moment no capability to doing so has been identified 
by the Apache OOo project.

 2. There is some indication that those who are able to administer that
list have not been very ecumenical about it, and some sort of peace treaty
is required to achieve the necessary DMZ.  That probably applies wherever
the shared security forum is established, and it is probably more essential
to address that than (1).

 - Dennis

-----Original Message-----
From: J├╝rgen Schmidt [mailto:jogischmidt@googlemail.com] 
Sent: Monday, October 10, 2011 07:55
To: ooo-dev@incubator.apache.org
Subject: Re: Vulnerability fixed in LibreOffice

On Mon, Oct 10, 2011 at 3:51 PM, Simon Phipps <simon@webmink.com> wrote:

[ ... ]
> Back to the actual issue:
>
> * for (A), AOOo clearly needs a private security list. We all agree.
> * for (B), the legacy StarOffice ecosystem clearly needs a shared private
> security list. Seems we all agree on that too.
>
> The former apparently exists. All that's left is to actually agree to a
> technical arrangement that works for the latter. There are two proposals on
> the table. Given the tendency of some to confuse community collaboration
> with Apache project work, I actually think the idea of a list at
> freedesktop.org for (B) makes most sense.
>

let us check first if we can still use the already established list
securityteam@openoffice.org <knownsecurityteam@openoffice.org> before
seeking for a new name. It's at least not clear for me if we can use it or
not, i will try to clarify this.

freedesktop.org is very Linux centric, isn't it? But the whole word is often
talking about OpenOffice independent of what brand they currently use. And
most of our users are still on a windows system (if we like it or not ;-)).
That means i would prefer to move forward if possible with a shared list
securityteam@openoffice.org <knownsecurityteam@openoffice.org> that is
already known, is related to the product or derivatives and that we can use
for collaborative work on any security issues and the communication between
projects sharing the same code base or at least part of it.

Does it make sense to check first the possibility of using the existing
name?

Juergen


[ ... ]


Mime
View raw message