incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: Vulnerability fixed in LibreOffice
Date Mon, 10 Oct 2011 16:19:43 GMT
On Mon, Oct 10, 2011 at 11:37 AM, Michael Meeks <michael.meeks@suse.com> wrote:
> Hi Dennis,
>
> On Mon, 2011-10-10 at 08:03 -0700, Dennis E. Hamilton wrote:
>> How is it that this "reciprocal action" occurred and was made known to
>> the Apache OOo podling ?
>
>        Oh - it's quite simple, you ASF/OOo made your decision to not include
> TDF guys, and we (without an endless mail thread) made the quiet
> decision to drop Malte from our LibreOffice specific mailing list:
> tdf-security@lists.documentfoundation.org in response; turning it into a
> TDF-ony list. That seems reasonable presumably.
>

It does not seem reasonable to publicly excoriate AOOo for having a
private security list restricted to members while you are
simultaneously and without notice proceed to enforce the same policy
for the TDF security list.  Some might even say that was disingenuous
and hypocritical.

In any case, I see very little basis for trust here.  What I see is
attempts by TDF/LO members to politicize security, from the start,
raising FUD about issues in an apparent attempt to scare users away
from AOOo.  I see you sharing information about subscribers on a
private security list in attempts to score points and embarrass list
participants.  I see a TDF blog post that is full of misstatements and
inaccuracies about a non-existant vulnerability, one that the original
RedHat expert now admits is not a security issue.  All I'm doing is
suggesting that we treat AOOo security like we do for every other
Apache project.  But you are playing games and trying to score points.
 This is not a reasonable basis for trust.

-Rob

Mime
View raw message