incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rory O'Farrell <ofarr...@iol.ie>
Subject Re: Vulnerability fixed in LibreOffice
Date Mon, 10 Oct 2011 12:06:03 GMT
On Mon, 10 Oct 2011 07:45:34 -0400
Rob Weir <robweir@apache.org> wrote:
> Security reports come from security
> reporters.  Can you tell us whether "Red Hat, Inc. security
> researcher Huzaifa Sidhpurwala" is a TDF member and whether he
> was reporting this issue under instructions from TDF?  

Does it matter?  A careful security report will provide
information on how the problem arises; it would be foolish
for anyone to immediately swing into action with alarm bells
ringing to try to fix a report without first verifying that the
poblem actually exists.  Surely any security report undergoes
some form of triage before being advanced to fix.

--
 Rory O'Farrell <ofarrwrk@iol.ie>

Mime
View raw message