Return-Path: X-Original-To: apmail-incubator-ooo-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-ooo-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B96677C64 for ; Mon, 10 Oct 2011 15:12:42 +0000 (UTC) Received: (qmail 91937 invoked by uid 500); 10 Oct 2011 15:12:42 -0000 Delivered-To: apmail-incubator-ooo-dev-archive@incubator.apache.org Received: (qmail 91889 invoked by uid 500); 10 Oct 2011 15:12:42 -0000 Mailing-List: contact ooo-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ooo-dev@incubator.apache.org Delivered-To: mailing list ooo-dev@incubator.apache.org Received: (qmail 91881 invoked by uid 99); 10 Oct 2011 15:12:42 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Oct 2011 15:12:42 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of dennis.hamilton@acm.org designates 75.98.160.130 as permitted sender) Received: from [75.98.160.130] (HELO a2s15.a2hosting.com) (75.98.160.130) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Oct 2011 15:12:35 +0000 Received: from 63-226-210-225.tukw.qwest.net ([63.226.210.225] helo=Astraendo) by a2s15.a2hosting.com with esmtpa (Exim 4.69) (envelope-from ) id 1RDHWY-000374-D3 for ooo-dev@incubator.apache.org; Mon, 10 Oct 2011 11:12:14 -0400 Reply-To: From: "Dennis E. Hamilton" To: References: <1318241437.13022.82.camel@lenovo-w500> <57CD0AF1-D116-4AAD-8F27-5537FCDBC82B@webmink.com> <509B98B1-2E85-4D87-BD68-8020C592C9F0@webmink.com> In-Reply-To: Subject: RE: Vulnerability fixed in LibreOffice Date: Mon, 10 Oct 2011 08:12:14 -0700 Organization: NuovoDoc Message-ID: <009301cc875e$fec12c50$fc4384f0$@acm.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQJoCrnrfld+i/1N7jdorlCYq48qYwJZG8dSAi45FBsCQlLQrQG85WGUApTJ6SwC4eLEtwLGz4aeAhjLhgkB6bH+BAEQqLXrAqKhtX4BewjggJNu//bw Content-Language: en-us X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - a2s15.a2hosting.com X-AntiAbuse: Original Domain - incubator.apache.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - acm.org X-Virus-Checked: Checked by ClamAV on apache.org Concerning the continued use of securityteam@openoffice.org, there are = two issues 1. It is not clear what the fate of mailing lists @openoffice.org is going to be, and whether they are reliably-operated in the meantime. It = would be great to have assistance in preserving the administration of=20 those lists, the @openoffice.org e-mail registration/User-ID structure, etc., but at the moment no capability to doing so has been identified=20 by the Apache OOo project. 2. There is some indication that those who are able to administer that list have not been very ecumenical about it, and some sort of peace = treaty is required to achieve the necessary DMZ. That probably applies = wherever the shared security forum is established, and it is probably more = essential to address that than (1). - Dennis -----Original Message----- From: J=C3=BCrgen Schmidt [mailto:jogischmidt@googlemail.com]=20 Sent: Monday, October 10, 2011 07:55 To: ooo-dev@incubator.apache.org Subject: Re: Vulnerability fixed in LibreOffice On Mon, Oct 10, 2011 at 3:51 PM, Simon Phipps wrote: [ ... ] > Back to the actual issue: > > * for (A), AOOo clearly needs a private security list. We all agree. > * for (B), the legacy StarOffice ecosystem clearly needs a shared = private > security list. Seems we all agree on that too. > > The former apparently exists. All that's left is to actually agree to = a > technical arrangement that works for the latter. There are two = proposals on > the table. Given the tendency of some to confuse community = collaboration > with Apache project work, I actually think the idea of a list at > freedesktop.org for (B) makes most sense. > let us check first if we can still use the already established list securityteam@openoffice.org before seeking for a new name. It's at least not clear for me if we can use it = or not, i will try to clarify this. freedesktop.org is very Linux centric, isn't it? But the whole word is = often talking about OpenOffice independent of what brand they currently use. = And most of our users are still on a windows system (if we like it or not = ;-)). That means i would prefer to move forward if possible with a shared list securityteam@openoffice.org that is already known, is related to the product or derivatives and that we can = use for collaborative work on any security issues and the communication = between projects sharing the same code base or at least part of it. Does it make sense to check first the possibility of using the existing name? Juergen [ ... ]