ofbiz-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicolas Malin <nicolas.ma...@nereide.fr>
Subject Re: [VOTE] Create the "security" mailing list for the OFBiz project
Date Mon, 25 Jul 2016 07:22:51 GMT

Le 24/07/2016 à 14:32, Jacopo Cappellato a écrit :
> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used for this
> purpose until now; however an ad-hoc list may be useful because it could
> provide a more focused space to discuss the security issues and could
> provide more flexibility to invite in the private list persons willing to
> help that are trusted by the PMC.
> Please vote,
> +1
> to create a "security" list (i.e. security@ofbiz.apache.org) and move all
> the security related discussions and notifications currently happening on
> the private list to this new list: according to the ASF policies [*] the
> list will be a private list used by the persons willing to help to resolve
> security issues; the list of subscribers will be approved by the OFBiz PMC.
> Otherwise vote -1 to continue to use the "private" mailing list for
> vulnerability handling.
> [*] http://www.apache.org/security/

View raw message